I've looked through the questions and I haven't seen anyone ask this yet.
What is the for sure method to remove any sort of XSS attempts in some user submitted content? I know that < and > should be converted to < and > respectively but I've heard mention that encoding differences can get around this too.
http://htmlpurifier.org/ - HTMLPurifier could be of help
ps: don't create your own code, there is no way you can cover all the issues. rely on the continually developed libraries such as HTMLPurifier.
There is no absolute security concering XSS since people find new attack vectors every day. Sometimes XSS is even a browser bug you cant do anything about (excep some workarounds).
To get the idea of the complexity look at this (incomplete) xss attack cheat sheet.
Guess you should make yourself a XSS expert or hire one to reach your goal.
You can start by inspecting the attack vectors from the given link above, try to understand why it can work and make sure you prevent it.
Another great way of preventing XSS is to make sure you accept only stuff you expect instead of blocking stuff you know is bad. (i.e. whitelisting instead of blacklisting)
Some of the holes I've seen fixed in different frameworks have been so unreal I don't get how they were found out. If you want to be 100% sure don't let users post content.
Proving a negative is a difficult proposition - as googletorp points out, the only 100% solution is to not have the problem in the first place.
Functionally, the xss attack cheat sheet at ha.ckers.org is a good place to start, as is a whitelisting approach - rather than disallowing things known to be bad, only allow things known to be good.