HTML Entity Encoder — Encode Decode HTML Entities Online
Encode plain text to HTML entities or decode HTML entities back to readable text. Supports named entities (& < > " ') and numeric entities (&#NNN; &#xHHH;). 100% client-side — nothing is sent to any server.
How to Use the HTML Entity Encoder
- Choose entity mode — Named for readable entities, Numeric for decimal/hex codes, or Auto to let the tool decide.
- Paste or type plain text in the left textarea.
- Click Encode to convert text to HTML entities, or Decode to reverse the process.
- Swap input and output with one click to switch direction.
- Copy output with the button or clipboard icon.
Why Use This Tool
HTML entity encoding is essential for preventing XSS (Cross-Site Scripting) attacks by ensuring user-supplied text is displayed as literal content rather than interpreted as HTML code. It's also critical when embedding content in HTML attributes, JavaScript strings, or CSS where special characters could break the document structure. Entity encoding covers the HTML parsing layer only: a value that ends up inside a JavaScript string or a CSS value also needs the escaping rules of that context.
Named entities like &amp;, &lt;, &gt; are human-readable and preferred for common characters.
Numeric entities like &#60; or &#x3C; work for any Unicode character and are useful when named entities don't exist.
Frequently Asked Questions
The encoder supports all standard named entities including &amp; (&), &lt; (<), &gt; (>), &quot; ("), &apos; ('). In numeric mode, it encodes every non-ASCII character to its decimal (&#NNN;) or hexadecimal (&#xHHH;) representation.
Use named entities for the five core characters (& < > " ') and common symbols — they're readable and widely supported. Use numeric entities for characters without named equivalents, non-Latin scripts, or when you need maximum browser compatibility.
The decoder performs a single pass of decoding. If your input has double-encoded entities (e.g., &amp;lt;), run decode multiple times until the output stabilizes. The Auto mode can detect and decode mixed named and numeric entities in one step.
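The named and numeric modes and the single-pass decoder described above, sketched as an added JavaScript example (not this tool's own code; the function names, mode names and sample string are assumptions made here). It also shows why text decoded until stable has to be encoded again before it is placed into HTML.

```javascript
// Added example; function and mode names are illustrative, not the tool's API.
const NAMED = new Map([['&', '&amp;'], ['<', '&lt;'], ['>', '&gt;'], ['"', '&quot;'], ["'", '&apos;']]);
const BY_NAME = new Map([...NAMED].map(([ch, ent]) => [ent.slice(1, -1), ch]));

// mode: 'named' (five core characters only), 'decimal' or 'hex'
// (core characters plus every non-ASCII code point, as numeric references).
function encodeEntities(text, mode = 'named') {
  let out = '';
  for (const ch of text) {                       // iterates by code point, not UTF-16 unit
    const cp = ch.codePointAt(0);
    if (mode === 'named') out += NAMED.get(ch) ?? ch;
    else if (NAMED.has(ch) || cp > 0x7f)
      out += mode === 'hex' ? `&#x${cp.toString(16).toUpperCase()};` : `&#${cp};`;
    else out += ch;
  }
  return out;
}

// One decoding pass: replaced text is not rescanned, so "&amp;lt;" becomes "&lt;".
function decodeOnce(text) {
  return text.replace(/&(#[xX][0-9a-fA-F]+|#[0-9]+|[a-zA-Z]+);/g, (match, body) => {
    if (body[0] !== '#') return BY_NAME.get(body) ?? match;   // unknown names stay as typed
    const hex = body[1] === 'x' || body[1] === 'X';
    const cp = parseInt(body.slice(hex ? 2 : 1), hex ? 16 : 10);
    const valid = cp > 0 && cp <= 0x10ffff && !(cp >= 0xd800 && cp <= 0xdfff);
    return valid ? String.fromCodePoint(cp) : match;          // out-of-range refs stay as typed
  });
}

// Repeat decodeOnce until nothing changes; maxPasses bounds the work on hostile input.
function decodeUntilStable(text, maxPasses = 5) {
  let passes = 0;
  while (passes < maxPasses) {
    const next = decodeOnce(text);
    if (next === text) break;
    text = next;
    passes++;
  }
  return { text, passes };
}

// Constructed sample: a double-encoded fragment, as stored by a system that encoded twice.
const stored = '&amp;lt;b&amp;gt;bold&amp;lt;/b&amp;gt;';
const decoded = decodeUntilStable(stored);         // two passes are needed
// The fully decoded string is markup again: encode it once more before it reaches HTML.
const safeForHtml = encodeEntities(decoded.text);
```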
Use Cases
XSS Prevention
Encode user-generated content before rendering in HTML to prevent injection of malicious scripts and ensure safe display.
HTML Attribute Safety
Encode text used in HTML attributes like title, alt, or placeholder to prevent attribute injection and broken markup.
JavaScript String Embedding
Encode text for safe embedding in inline JavaScript where HTML entities must be escaped before JS string parsing.
Email Template Encoding
Encode special characters in email HTML templates to ensure proper rendering across different email clients and prevent injection.