Encoding (commonly called “Output Encoding”) involves translating special characters into some different but equivalent form that is no longer dangerous in the target interpreter, for example translating the < character into the < string when writing to an HTML page.
OWASP Top Ten Proactive Controls 2018 C4: Encode and Escape DataĮncoding and escaping are defensive techniques meant to stop injection attacks.
