HTML Encoder & Decoder | Escape/Unescape Entities

EncodingRuns in Your Browser (No Uploads)

HTML Entity Encoding: Escape or unescape HTML entities to protect or restore markup (e.g., < & ").

Standard: W3C HTML5 Standard - HTML Entities

💡 Live Mode: Results update automatically as you type.

Mode

Settings

Entity Type

Input

Output

Loading…

Convert text to HTML entities (named or numeric) so it renders safely, or decode entities back to plain text. Ideal for XSS‑safe display and code samples; 100% local processing.

How to Use This Tool

1
Choose Encode to escape HTML or Decode to restore characters.
2
Paste or type text; results update instantly in Live mode (or click in Manual mode).
3
Pick entity type: Named (©, €,  ) or Numeric (&#...;).
4
Copy the result or use Swap to switch directions.

Use Cases & Examples

Preventing XSS in Rendered Content

Encode user‑generated text before output so browsers display it safely instead of executing it.

Showing Code Examples

Display HTML snippets in docs and posts as literal text (e.g., <div>...</div>).

Symbols & International Characters

Render ©, €, non‑breaking spaces, and other characters consistently across browsers and email clients.

HTML entities & safe rendering

Entities are escape sequences (start with & and end with ;) that render reserved or hard‑to‑type characters as text.

Encode <, >, & and quotes in attributes so markup isn't interpreted as code.

Named entities are human‑readable; numeric entities use Unicode code points and work for any character.

Frequently Asked Questions

Q.Is HTML encoding the same as encryption?

A. No. Encoding changes how text renders in HTML; it doesn't provide secrecy or transport security.

Q.Named vs. numeric entities — what’s the difference?

A. Named entities use names (©); numeric entities use code points (©) and cover any Unicode character.

Q.Which characters must be encoded?

A. Encode <, >, and & in HTML; encode quotes inside attribute values for correctness and safety.

Q.Does encoding alone prevent XSS?

A. It's necessary for safe rendering but should be combined with validation and a Content Security Policy (CSP).

Related Tools

Explore more developer tools

Base64 Encoder & Decoder | UTF-8, URLs & Data URI

Encode text to Base64 or decode Base64 to text with full UTF-8 support.

Encoding

URL Encoder & Decoder | UTF-8 Percent Encoding

Encode or decode URLs using UTF-8 percent-encoding. Local browser processing only.

Encoding

Browse All Tools