About HTML Entity Encode / Decode
The HTML Entity Encoder / Decoder converts special characters to HTML entities (&, <, >, ", ') or decodes HTML entities back to their original characters. Essential for safely inserting user-supplied text into HTML and for reading entity-encoded content.
HTML entities prevent XSS (cross-site scripting) attacks by ensuring characters with special meaning in HTML — like <, >, and & — are displayed as text rather than interpreted as markup.
This tool encodes the full set of HTML named entities and numeric character references. It handles both named entities (©, , —) and numeric references (©, —).
Everything runs in your browser. Your data never leaves your device.
How to Use HTML Entity Encode / Decode
Paste your text or HTML.
Select Encode (text → HTML entities) or Decode (entities → text).
Copy the result.
Examples
Frequently Asked Questions
Why do I need HTML encoding?
HTML encoding converts characters like < and & that have special meaning in HTML into safe representations (< and &). This prevents XSS attacks and display errors when inserting user input into HTML.
What characters get encoded?
< becomes <, > becomes >, & becomes &, " becomes ", and ' becomes '. These are the five characters with special meaning in HTML.
How do I decode & back to &?
Paste the entity-encoded text and select Decode mode. & becomes &, < becomes <, > becomes >, and so on.
Does it encode all Unicode characters?
The default mode encodes only the five HTML-significant characters. Enable full Unicode mode to encode all non-ASCII characters as numeric HTML entities.
What is ?
is the HTML entity for a non-breaking space — a space character that prevents the browser from wrapping the line at that point.