Normalizing means doing some refinement of the input. I've tried HtmlUtils.HtmlEscape() but didn't get expected results. Is it possible to rotate a window 90 degrees if it has the same length and width? Is it a Java issue, or the command prompt? This is done to prevent the input from being used to escape the initial call expression and create another one based on crafted user input. After I click OK, it then leads me to another error saying it couldn't find JAVA.DLL. When the final testing is done pre-release, it can be a serious amount of work to go back, identify those issues and fix them. Here we escape + sanitize any data sent to user, Use the OWASP Java HTML Sanitizer API to handle sanitizing, Use the OWASP Java Encoder API to handle HTML tag encoding (escaping), "You user login is owasp-user01", "", /* Create a sanitizing policy that only allows tags '' and ''*/, /* Sanitize the output that will be sent to user*/, /* Here use MongoDB as target NoSQL DB */, /* First ensure that the input does not contain any special characters, //Avoid regexp this time in order to make validation code, /* Then perform query on database using API to build expression */, //Use API query builder to create call expression,