I want to enable comment posting on my page, so I need to execute some HTML encoding before the post is sent and inserted into a database.
What is the ideal side for this?
Server side (I work with ASP.NET) or client side (JavaScript)?
If you mean sanitizing the user input, the only place you can do that safely is server-side. You can't be sure that anything has been done client-side, it's too easy to bypass client-side code.
It's like data validation: It's nice to do data validation (making sure key fields of a form are filled in with valid values, for instance) on the client because the immediate feedback makes for a good user experience, but doing so is not a substitute for doing it on the server, because it's trivially easy to bypass the client-side validation.
But with sanitizing input, you don't even want to try to do that client-side; assume it's un-sanitized and sanitize it on the server.
In ASP.Net, if the input you're sanitizing is a string you're later going to display in an HTML page and you want to ensure that it doesn't contain HTML tags of its own, you can use HttpServerUtility.HtmlEncode to encode the string (basically, turning `<` into `&lt;` and such).
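Server-side encoding of a submitted comment as described in the answer, as an added example (not code from the original answer). It uses `System.Net.WebUtility.HtmlEncode`, which does the same job as `HttpServerUtility.HtmlEncode` without a System.Web dependency; the `CommentStore` class, its methods and the sample input are constructed for this example.

```csharp
using System;
using System.Net;

// Hypothetical server-side handler for a comment form. Whatever the browser
// did or did not check, the text is treated as untrusted and encoded here.
public class CommentStore
{
    // Encode on the server before the text is stored or written into a page.
    // Returns the text with <, >, &, " and ' replaced by HTML entities, so any
    // markup a user typed is displayed as literal text rather than parsed.
    public static string EncodeForHtml(string untrusted)
    {
        if (string.IsNullOrEmpty(untrusted))
            return string.Empty;
        return WebUtility.HtmlEncode(untrusted);
    }

    // Decides whether the comment is acceptable; the client may have run the
    // same length check already, but the server repeats it because client-side
    // code can be bypassed or disabled entirely.
    public static bool IsValidComment(string untrusted, int maxLength = 2000)
    {
        return !string.IsNullOrWhiteSpace(untrusted) && untrusted.Length <= maxLength;
    }

    public static void Main()
    {
        // Constructed sample input: what a browser might POST for a comment field.
        string submitted = "Great post! <script>alert(1)</script> & \"quotes\"";

        if (!IsValidComment(submitted))
        {
            Console.WriteLine("Rejected.");
            return;
        }

        // The encoded string is what gets inserted into the database (or, just as
        // well, encoded at render time); the raw markup never reaches the page.
        string safe = EncodeForHtml(submitted);
        Console.WriteLine(safe);
    }
}
```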