HTML Entity Encoder / Decoder
Encode or decode HTML entities instantly. Convert <, >, & to <, >, & and back. Essential for web developers working with HTML, XML, or escaping user input. Free, instant, runs in your browser.
FAQ
HTML entities are special sequences like < and & that represent characters with special meaning in HTML. They prevent browsers from interpreting code as markup.
Always encode user-generated content before rendering it in HTML to prevent XSS attacks. Also use entities when showing HTML/XML code examples on a webpage.
Named entities use readable names like < for < and & for &. Numeric entities use code points: decimal (<) or hex (<). Named entities are easier to read, but numeric entities work for any Unicode character.
Always encode user-generated content before rendering it in HTML to prevent XSS (Cross-Site Scripting) attacks. Also encode characters that have special meaning in HTML when showing code examples: <, >, &, ", and ' in attribute values.
Entity encoding protects against XSS in HTML body content, but it's not a complete solution. You also need context-appropriate encoding for JavaScript, CSS, and URL contexts. Use a Content Security Policy (CSP) as an additional layer of defense.
There are over 2,000 named HTML entities covering common symbols (© for ©, ® for ®), mathematical symbols (π, ∞), Greek letters (α, Ω), arrows (→, ←), and typographic characters (—, …).
Yes! The decoder handles named entities (<), decimal numeric (<), and hex numeric (<) references - all three forms are converted back to the original character.
More tools
JSON Formatter
Pretty-print, validate, and minify JSON with syntax highlighting.
URL Encoder / Decoder
Encode or decode URL strings with percent-encoding.
Base64 Encoder / Decoder
Encode or decode Base64 strings instantly.
URL Parser
Deconstruct any URL into its components.
Markdown Preview
Write Markdown and see rendered HTML in real time.
Diff Checker
Compare two text blocks side-by-side and see exactly what changed.