[Annatar]

Even better would be to not trust what one's application is returning back, and scrub the output in addition to scrubbing the input.