HTML entity encode and decode

Escape special characters to HTML entities or decode them back. Runs in your browser.

Text or HTML

Output

How to encode or decode HTML entities

Choose a mode. Encode to escape special characters, or Decode to resolve entities.
Enter your text. Paste the HTML or text; the output updates live.
Copy the result. Click Copy to use the escaped or decoded text.

About HTML entities

A handful of characters control how HTML is parsed — chiefly <, > and &. To show them as literal text (or to safely embed user input), you replace them with entities. Encoding is a fundamental step in preventing cross-site scripting; decoding is handy when reading escaped content from feeds, exports or databases.

Frequently asked questions

What are HTML entities?

HTML entities are escape codes for characters that have special meaning in HTML or can't be typed directly — for example < for <, & for &, and © for ©.

When should I encode HTML entities?

Whenever you display user-supplied or dynamic text inside HTML, encode < > & " and ' to prevent the browser from interpreting it as markup — the core defence against HTML injection / XSS in templates.

What does decode handle?

Decoding uses the browser's own HTML parser, so it resolves named entities (©), decimal (©) and hex (©) references.

Is it private?

Yes — encoding and decoding happen in your browser. Nothing is sent to a server.

URL encode / decode Base64 encode / decode JSON formatter JSON diff JSON to CSV CSV to JSON JSON to XML XML formatter YAML to JSON YAML validator Hex encode / decode JWT decoder SQL formatter CSS minifier

How to encode or decode HTML entities

About HTML entities

Frequently asked questions

More Encoding & JSON tools