HTML Entity Encoder and Decoder
HTML entities are named or numeric codes that represent characters with special meaning in HTML markup. Encoding characters like <, >, and & prevents browsers from interpreting them as tags or syntax, which is essential for displaying user-generated content safely and avoiding cross-site scripting (XSS) vulnerabilities.
1.
Paste your text into the Input panel
2.
Click Encode to convert to HTML entities, or Decode to convert entities back to plain text
3.
Copy the result
▸
Safely embedding user-generated content in an HTML page
▸
Encoding characters like <, >, and & for display in a browser
▸
Decoding HTML entities from scraped or copied web content
When do I need to encode HTML entities?
Encode when inserting user-supplied text into HTML to prevent XSS attacks, or when you need to display characters like < > & " in HTML source without them being interpreted as markup.
What is the difference between encoding and escaping?
They mean the same thing in this context - converting characters like < to < so browsers render them as text rather than HTML.
Does it encode Unicode and named entities?
Yes - the encoder uses the full HTML5 named entity set, so characters like © become ©, é becomes é, and € becomes €. All standard HTML5 named entities are supported for both encoding and decoding.
Are spaces and common ASCII characters encoded?
Spaces and standard ASCII letters and digits are not encoded - only characters that have HTML entity equivalents (special symbols, accented letters, punctuation with named entities, etc.) are converted.
Is my text sent to a server?
Encoding and decoding run entirely in your browser. No data is uploaded or stored.