Users will always use your application in ways you didn't intend or expect, whether out of ignorance or with malicious intent. Every piece of input that the user has any control over should be validated to make sure it conforms to what is expected.
We'll polish off our second project by making sure that users can't break it accidentally or through maliciously crafted input.
In this chapter, we will cover the following topics:
Choosing where to validate
Trying out an XSS example
Validating and sanitizing