HTML Entities Encoder / Decoder
Escape characters into safe HTML entities, decode them back, or browse a cheat sheet of common codes.
HTML Entities Encoder, Decoder & Cheat Sheet
Properly escaping HTML is critical for preventing Cross-Site Scripting (XSS) attacks. Our free online HTML Entities Encoder & Decoder allows you to instantly escape reserved characters (like < and >) into safe text. It also includes a searchable cheat sheet for common typography symbols, math operators, and currency signs.
Security First: When you allow users to input text (like a comment or profile bio), you must encode that text before displaying it back on a web page to prevent malicious scripts from executing.
Core Features
- Bidirectional EncodingEasily convert raw HTML strings (like
<script>) into escaped entity strings (like<script>), or decode entities back into raw text. - Comprehensive Cheat SheetDon't remember the code for a copyright symbol (
©) or an em-dash (—)? Use our built-in reference table to find the exact name or decimal code you need. - Local ProcessingLike all our tools, processing is done securely within your local browser environment.
Common Reserved Characters
| Character | Entity Name | Description |
|---|---|---|
| < | < | Less than (Starts an HTML tag) |
| > | > | Greater than (Ends an HTML tag) |
| & | & | Ampersand (Starts an HTML entity) |
| " | " | Double quote (Wraps attribute values) |
Related Tools
JSON Escape / UnescapeNeed to escape strings for a JSON payload rather than an HTML document? Use our JSON string escaper.URL Encoder / DecoderIf you are placing data inside a URL or query string, you must use URL Percent-Encoding instead of HTML Entities.Lorem Ipsum GeneratorGenerate placeholder text to fill out your newly secured HTML templates.
Categories
Frequently Asked Questions
What are HTML Entities?
In HTML, certain characters have special meaning. For example, the less-than sign (
<) is used to start HTML tags. If you want a browser to display the actual character < instead of trying to parse it as code, you must replace it with its corresponding entity reference (<).Why use entity names vs entity numbers?
An entity name (like
© for the copyright symbol) is generally easier for a developer to remember and read in source code. An entity number (like ©) works exactly the same way and often has slightly better browser compatibility for extremely obscure symbols, but for common characters, names are preferred.
