What is the way(best practice) to deal with XSS?

Question

I am using ASP.NET and on ASP.NET page has validate attribute which checks for the XSS validations. However i would like to know that is it really sufficient ?

I hav

Answer 1

Check it out: Allowing HTML and Preventing XSS @ shiflett.org