Deeter, tecto and shrop talk about sanitizing your html and preventing cross-site scripting and NoSQL injection attacks.
View the discussion thread.