🔤 Online HTML Entity Encoder & Decoder

Ad Slot - Top (728×90)

Input Text

Result

Results will appear here...
Ad Slot - Middle (728×90)

Common HTML Entities Reference

CharacterNamed EntityDecimal EntityHex EntityDescription
&&&&Ampersand
<&lt;&#60;&#x3C;Less than
>&gt;&#62;&#x3E;Greater than
"&quot;&#34;&#x22;Double quote
'&apos;&#39;&#x27;Single quote / Apostrophe
&nbsp;&#160;&#xA0;Non-breaking space
©&copy;&#169;&#xA9;Copyright
®&reg;&#174;&#xAE;Registered trademark
&euro;&#8364;&#x20AC;Euro sign
¥&yen;&#165;&#xA5;Yen sign
&mdash;&#8212;&#x2014;Em dash
&hellip;&#8230;&#x2026;Horizontal ellipsis

How to Use

This HTML entity encoder and decoder tool is designed for web developers, content editors, and security testers. It is straightforward to use and packed with features. Here is the detailed guide:

Encoding: Paste HTML code or plain text into the input box, then click the "Encode" button. The tool automatically converts special characters (such as <, >, &, quotes, etc.) into their corresponding HTML entities. If you need to encode all characters (including letters, numbers, and non-ASCII characters), check the "Encode all characters" option. The encoded result appears in real time in the result area, ready for you to copy and use.

Decoding: Paste text containing HTML entities into the input box, then click the "Decode" button. The tool converts named entities (such as &lt;) and numeric entities (such as &#60;) back to their original characters. Both decimal and hexadecimal numeric entity formats are supported. The decoded text can be directly used for further editing or verification.

Entity Format Options: By default, named entities (such as &lt;) are used, which are easier to read and remember. When "Use decimal numeric entities" is checked, the tool outputs entities in the &#number; format, offering broader compatibility but slightly lower readability. Hexadecimal entities (&#xhex;) are especially useful when you need precise control over Unicode characters.

Use Cases

The HTML entity encoder and decoder tool has a wide range of applications in web development and content management:

Prevent XSS Attacks: When displaying user input on a web page, special characters must first be encoded as HTML entities. For example, if a user inputs <script>alert('XSS')</script> and it is not encoded, the browser will execute the JavaScript code. After encoding, it becomes &lt;script&gt;alert('XSS')&lt;/script&gt;, and the browser safely displays it as text rather than executing the script.

Code Display and Documentation: When showing HTML code snippets in technical blogs, documentation, or tutorials, the < and > characters within the code must be escaped as entities. Otherwise, the browser will parse them as tags and the display will break. This tool can quickly perform batch escaping, significantly improving documentation writing efficiency.

Email Template Creation: When writing HTML email templates, special characters that are not encoded as entities may display inconsistently across different email clients. Using entity encoding ensures that special symbols display correctly in all email clients, improving compatibility and professionalism.

In-Depth Knowledge

How HTML Entities Work: HTML entities are a way to represent special characters in HTML documents, in the format &name; or &#number;. When the browser parses HTML, it checks whether the characters following an & symbol form a valid entity reference. If so, it replaces the entity with the corresponding Unicode character; if not, it treats the & as a literal character. This is why displaying the & symbol itself requires the &amp; entity.

Named Entities vs. Numeric Entities: Named entities use human-readable names (such as &lt; for less-than), which are easy to remember and read, but only support a limited set of characters (around 250). Numeric entities use Unicode code points (such as &#60; or &#x3C;), capable of representing any Unicode character (over 150,000 characters), offering broader compatibility and coverage.

Related Concepts: HTML entity encoding (&lt;), URL encoding (%3C), and JavaScript escaping (\u003C) are three distinct character encoding methods used in HTML documents, URL parameters, and JavaScript code respectively. They follow different rules and serve different purposes, but all play an essential role in preventing injection attacks and ensuring correct display.

FAQ

What is HTML entity encoding?

HTML entity encoding is the process of converting characters that have special meaning in HTML (such as <, >, &, quotes, etc.) into their corresponding entity representations (such as &lt;, &gt;, &amp;, &quot;). This prevents these characters from being misinterpreted by the browser as HTML tags or directives.

What is the difference between HTML entity encoding and URL encoding?

HTML entity encoding is used to represent special characters within HTML documents, using the &name; or &#number; format (such as &lt; or &#60;). URL encoding is used to transmit special characters in URLs, using the %XX format (such as %3C). They serve entirely different purposes and follow different encoding rules.

Why do HTML special characters need to be escaped?

If not escaped, the browser will interpret special characters (such as <) as the start of HTML tags, causing rendering issues or XSS security vulnerabilities. After escaping, the browser correctly displays them as plain text characters rather than parsing them as tags or directives.

Which HTML entities are supported?

This tool supports all standard HTML entities, including basic entities (&lt; &gt; &amp; &quot; &apos;), numeric entities (&#x3C; &#60;), common symbols (&copy; &reg; &euro; &yen; &mdash;), and Unicode character entities (&#x4E2D; &#x6587;).

Can I directly paste encoded text into my HTML?

Yes. Encoded HTML entities can be embedded directly into HTML documents, and the browser will automatically decode them back to their original characters. This is the standard practice for displaying code snippets and handling user input.

Does this tool process my data on a server?

No. This tool is implemented entirely on the frontend. All encoding and decoding operations are performed within your browser. Your data is never uploaded to any server, ensuring complete privacy and security.

Ad Slot - Bottom (728×90)