Preventing HTML and Script injections in Javascript

Question

Assume I have a page with an input box. The user types something into the input box and hits a button. The button triggers a function that picks up the value typed into the

Answer 1

From here

var string="";
string=encodeURIComponent(string); // %3Cscript%3E...%3C/script%3