Free HTML Entity Encoder / Decoder Online

Encode special characters to HTML entities (&, <, >) or decode HTML entities back to plain text. Safe for use in HTML attributes and content.

HTML reserves certain characters for its own syntax: angle brackets for tags, the ampersand for entities, and quotes for attribute values. Including these characters literally in HTML content can cause the browser to misparse them. The solution is HTML entity encoding, which replaces each reserved character with a safe escape sequence — < becomes <, > becomes >, & becomes &. This tool encodes any text to its HTML-safe form or decodes HTML entities back to plain text. Use it to safely display code snippets, user-generated content, or any text that may contain reserved characters inside an HTML page.

Ad Space

sees that text on the page rather than having it execute. Modern frameworks like React apply this automatically."}},{"@type":"Question","name":"What is the difference between HTML encoding and URL encoding?","acceptedAnswer":{"@type":"Answer","text":"HTML encoding makes text safe for HTML markup. URL encoding (percent-encoding) makes text safe for URLs. The two use completely different escape sequences and are not interchangeable."}},{"@type":"Question","name":"Can I use numeric entities instead of named ones?","acceptedAnswer":{"@type":"Answer","text":"Yes. Every character has a numeric entity using its Unicode code point: < for < (decimal) or < for < (hex). Both forms are universally supported for common characters."}}]},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://quicktoolsonline.org"},{"@type":"ListItem","position":2,"name":"HTML Entity Encoder / Decoder","item":"https://quicktoolsonline.org/tools/html-entity-codec"}]}]

HTML Entity Encoder / Decoder

Plain Text

HTML Entities

Ad Space

How to use this html entity encoder / decoder

To encode: paste your text in the left box and click Encode. Reserved HTML characters are replaced with entity equivalents.
To decode: paste HTML-encoded text in the right box and click Decode. Entities like &lt; are restored to their original characters.
Click Copy to put the result on your clipboard.
Use the encoded output inside HTML content or attributes to prevent markup parsing issues.

Common use cases

Safely embedding user-submitted text in an HTML page to prevent XSS injection
Displaying code examples in a blog post without the browser interpreting the HTML tags
Decoding HTML entities from a scraped webpage or email body to read the original text
Preparing content for an HTML email template where certain characters must be encoded
Converting a string containing quotes and ampersands for safe use in HTML attributes

Frequently asked questions

What is the most important HTML entity?

The ampersand (&) is the most critical, because it starts every other entity. Always encode & as & in HTML text content and attribute values to prevent misinterpretation.

Does HTML encoding prevent XSS attacks?

HTML-encoding user input before rendering it in the page is the primary defense against reflected and stored XSS. It ensures that a user who submits <script>alert(1)</script> sees that text on the page rather than having it execute. Modern frameworks like React apply this automatically.

What is the difference between HTML encoding and URL encoding?

HTML encoding makes text safe for HTML markup. URL encoding (percent-encoding) makes text safe for URLs. The two use completely different escape sequences and are not interchangeable.

Can I use numeric entities instead of named ones?

Yes. Every character has a numeric entity using its Unicode code point: < for < (decimal) or < for < (hex). Both forms are universally supported for common characters.

Ad Space

More Tools

Base64 Encode / Decode

Encode & decode Base64 strings

Color Picker & Converter

Convert HEX, RGB & HSL colors

URL Encode / Decode

Encode & decode URLs

Unix Timestamp Converter

Convert Unix timestamps to dates