12. Output Encoding and Escaping

Encoding and escaping prevent injection when displaying or writing output.
Never assume your output destination is safe.

Example

import html

user_input = "<script>alert('Hacked!')</script>"
safe_output = html.escape(user_input)
print("Escaped HTML:", safe_output)

✅ Lesson: Encode or escape output before displaying or logging user-controlled data.