HTML Entity Encoder
Encode special characters to HTML entities or decode HTML entities back to plain text — instantly in your browser. Handles &, <, >, quotes, and more.
Frequently Asked Questions
What are HTML entities?
HTML entities are special text sequences that represent characters that have special meaning in HTML, or characters that cannot easily be typed. They begin with an ampersand (&) and end with a semicolon (;). For example, & renders as &, < renders as <, and > renders as >. Named entities like © render as © and produces a non-breaking space. Numeric entities use a decimal (©) or hexadecimal (©) code point reference.
Why should I encode HTML?
HTML encoding is essential for security and correct rendering. When displaying user-supplied content on a web page, you must encode special characters to prevent Cross-Site Scripting (XSS) attacks. If a user submits <script>alert("hacked")</script> and you display it unencoded, the browser will execute the script. Encoding it as <script> makes it render as visible text instead. Additionally, encoding ensures that characters like < and > inside text content are not mistakenly interpreted as HTML tags.
What is the difference between named and numeric HTML entities?
Named entities use a descriptive name preceded by & and followed by ;, such as & for the ampersand character or © for the copyright symbol. They are human-readable but only a limited set of characters have official named entities defined in the HTML specification. Numeric entities work for any Unicode character: decimal entities use the form &#NNNN; where NNNN is the decimal Unicode code point, and hexadecimal entities use &#xHHHH; where HHHH is the hex code point. For example, the euro sign € can be written as € or €.