The Open Web Application Security Project (OWASP) project has a good overview on the various aspects of Cross Site Scripting (XSS). Be sure to read the chapter on Data Validation, where strategies for validating data is discussed.