Your data is never sent to a server or stored anywhere. All processing happens in your browser.

HTML Entity Encoder / Decoder

Mode
Output

How to Use

Type or paste text into the input area. In Encode mode, special HTML characters (&, <, >, ", ') are converted to their entity equivalents. In Decode mode, HTML entities are converted back to their original characters. Supports named entities (&amp;, &lt;, &copy;), decimal (&#65;), and hexadecimal (&#x41;) numeric references.

HTML Entities

HTML entities are special codes used to represent characters that have meaning in HTML markup. For example, < and > define HTML tags, so to display these characters as text, you must use &lt; and &gt;. The ampersand (&) starts every entity, so it must be written as &amp;. Entities are essential for preventing XSS vulnerabilities and ensuring HTML renders correctly.

Use Cases

  • XSS (cross-site scripting) prevention — escape user input before rendering it in HTML
  • Embedding code snippets in blog posts — display tag characters correctly inside <pre> blocks
  • Building HTML email templates — ensure special characters render consistently across email clients
  • CMS content sanitization — neutralize HTML syntax in user-submitted posts and comments

Commonly Used HTML Entities

  • &amp; → & (ampersand) — the starting character of every entity
  • &lt; → < / &gt; → > (angle brackets) — required to distinguish from HTML tags
  • &quot; → " (double quote) — used inside attribute values
  • &apos; → ' (single quote) — used inside attributes and JavaScript strings
  • &nbsp; → non-breaking space — a space that prevents line breaks
  • &copy; → © / &reg; → ® — copyright and registered trademark symbols
  • &mdash; → — / &ndash; → – — em dash and en dash
  • &hellip; → … — horizontal ellipsis

Privacy

All encoding and decoding happens entirely in your browser. No data is sent to a server, stored, or logged. You can safely encode HTML containing sensitive content.