🔣 Encoding Tool

HTML Entities Encoder / Decoder

Escape special characters to HTML entities, or decode named, decimal and hex entities back to text. Nothing leaves your browser.

Text Input

Encoded Output

Why encode HTML entities?

HTML reserves characters like <, >, & and quotes for its own syntax. If user-supplied text containing these characters is inserted into a page unescaped, the browser may interpret it as markup — the classic route to cross-site scripting (XSS) attacks and broken layouts. Encoding converts each special character into a safe entity such as &lt; or &amp;, so it is displayed literally instead of being executed or parsed.

Named, decimal and hex entities

An entity can be written three ways: a named form like &copy; for ©, a decimal form like &#169;, or a hexadecimal form like &#xA9;. Named entities are easier to read, while numeric entities cover every Unicode character — including emoji, e.g. &#x1F600; for 😀. The decoder on this page understands all three forms, and the encoder lets you choose numeric entities for all non-ASCII characters or friendly named entities where one exists.

Common uses

Developers use entity encoding to show code snippets on a web page (an HTML example must be escaped or the browser will render it), to safely display user comments and form input, and to embed characters that are hard to type — non-breaking spaces (&nbsp;), em dashes (&mdash;), arrows and typographic quotes. Everything on this page runs locally in your browser; no text is sent to any server.