To prevent malicious clients from accessing or manipulating data they shouldn't, use the `encodeURIComponent` function for any HTTP path that accepts dynamic input.  `encodeURIComponent` is a standard JavaScript function that encodes special characters in a URI, preventing a possible injection attack vector. ```js getAuthor(authorId) { return this.get(`author/${encodeURIComponent(authorId)}`); } ```