What are the steps to follow to avoid Script Injection attacks?
1. Encode user input with the HtmlEncode method. This method turns HTML into its text representation. 2. If you are using the GridView control with bound fields, set the BoundField object’s HtmlEncode property to true. This causes the GridView control to encode user input when the row is in edit mode.
