What are HTML entities?

HTML entities are special character codes that begin with & and end with ;. They are used to display reserved characters like , &, and " safely in HTML without breaking the markup.

Why should I encode HTML characters?

Encoding HTML special characters prevents XSS (Cross-Site Scripting) attacks, ensures proper rendering of code examples, and avoids broken layouts when displaying user-generated content on websites.

What characters need HTML encoding?

The five most important characters to encode are: & (ampersand), (greater than), " (double quote), and ' (single quote/apostrophe). These are the minimum required to safely display text in HTML.

Free Developer Tool — 100% Client-Side

HTML Entities Encode & Decode Online

Escape HTML special characters to entities or decode entities back to plain text instantly. Protect your site from XSS — all processing happens in your browser.

Input

Output

What Is HTML Entity Encoding?

HTML entity encoding is the process of replacing special HTML characters with their corresponding entity codes. An HTML entity encoder converts characters like < and > into < and > so they display safely in a browser. An HTML decoder reverses this process, turning entity codes back into readable characters. Our free HTML entities tool handles both encoding and decoding entirely on your device — nothing is sent to a server.

Common HTML Entities Reference

&

Ampersand

<

Less than

>

Greater than

"

Double quote

'

Single quote

/

Forward slash

When to Encode vs Decode

Encode

Use encoding when you need to display HTML tags as text on a web page, embed user-generated content safely, or prevent XSS vulnerabilities. Encoding turns <script> into <script> so it renders harmlessly as text.

Decode

Use decoding when you have HTML entity codes that you want to convert back to readable characters. This is useful when extracting data from HTML source, processing API responses that use entities, or cleaning up escaped content for display in plain-text contexts.

Why Developers Use HTML Entities

XSS Prevention — Encoding user input before rendering it in HTML prevents malicious script injection attacks.
Code Display — Show code snippets on tutorials and documentation without the browser interpreting the markup.
User-Generated Content — Safely display comments, forum posts, and profile data containing HTML special characters.
Template Rendering — Template engines automatically encode variables to prevent injection when generating HTML pages.
Email & RSS Feeds — HTML entities ensure special characters render correctly across different email clients and feed readers.

How to Use This HTML Entities Tool

To encode text to HTML entities, paste your content into the input field and click Encode to HTML Entities. The tool will replace all special HTML characters with their entity equivalents. To decode, paste entity codes and click Decode from Entities. The tool recognizes named entities like & and numeric entities like <. Use the Clear button to reset both fields or Copy to copy the output to your clipboard.