HTML Entity Encoder/Decoder
Encode and decode HTML entities with our free online tool. Convert special characters like <, >, &, and quotes to their HTML entity equivalents. Perfect for web developers handling user input and preventing XSS vulnerabilities.
Options
Common HTML Entities
| Character | Named | Numeric |
|---|---|---|
| < | < | < |
| > | > | > |
| & | & | & |
| " | " | " |
| ' | ' | ' |
| © | © | © |
| ® | ® | ® |
| â„¢ | ™ | ™ |
| € | € | € |
| £ | £ | £ |
| Â | |   |
All encoding/decoding happens in your browser. No data is sent to any server.
Embed This Tool
Add this tool to your website with customizable styling
How to Use
- 1 Select your mode — Choose Encode to convert characters to HTML entities, or Decode to convert entities back to characters.
- 2 Enter your text — Paste or type the text you want to encode or decode in the input field.
- 3 Choose entity format — Select Named entities (like &) or Numeric entities (like &) for the output.
- 4 Copy the result — Click Copy to copy the encoded or decoded text to your clipboard.
Frequently Asked Questions
What are HTML entities?
HTML entities are special codes that represent characters that have meaning in HTML (like < and >) or characters not on a standard keyboard. They start with & and end with ; — for example, < represents < and & represents &.
Why do I need to encode HTML entities?
Encoding prevents browsers from interpreting special characters as HTML code. It's essential for displaying user-generated content safely and preventing XSS (cross-site scripting) attacks when showing untrusted input on web pages.
What's the difference between named and numeric entities?
Named entities use memorable names (like & or ©), while numeric entities use character codes (like & or ©). Named entities are more readable but numeric entities work for any Unicode character, even those without a name.
Which characters should I encode?
At minimum, encode: & (ampersand), < (less than), > (greater than), " (double quote), and ' (single quote). For full safety with user input, consider encoding all non-ASCII characters as well.