Skip to content
arnaud.app

HTML Entity Encoder / Decoder

Encode and decode HTML entities, named and numeric.

Runs in your browser

Paste text to escape the five XML-significant characters (& < > " '), or paste HTML with entities to decode them back. Optionally encode all non-ASCII chars as numeric references for ultra-safe transport.

How to use it

  1. Pick encode or decode

    Encode escapes characters; decode reverses.

  2. Choose scope

    By default only the five XML-significant characters get encoded. Enable the option to escape every non-ASCII char.

  3. Copy the result

    Output updates instantly. Copy button next to the heading.

What is it?

HTML entity encoding replaces characters with special meaning in HTML (& < > " ') by their named (&amp;) or numeric (&#38;) entity references. Decoding does the reverse. It's the safety layer between raw text and the DOM - the difference between rendering 'Tom & Jerry' as text vs. interpreting & as the start of an entity.

When to use it

Sanitising user input before inserting into innerHTML. Cleaning a scraped page for storage. Decoding RSS or atom feeds. Debugging why a stray &amp; appears in a rendered page. Preparing JSON-embedded HTML for inclusion in script tags.

Common mistakes

Encoding inside an attribute and forgetting that quotes need to be encoded too. Encoding text that's already encoded - double escaping. And confusing HTML entity encoding with URL percent-encoding: they solve different problems and use different syntax.

FAQ

When do I need to encode HTML entities?
Whenever you embed user-supplied text in an HTML page and want to avoid XSS, broken markup or display glitches. Server-side templates do this automatically; client-side string concatenation does not.

Related tools

URL Encoder / Decoder
Percent-encode and decode URLs and query strings.
Base64 Encoder / Decoder
Encode and decode Base64 strings (text and files).
JSON Formatter & Validator
Format, minify and validate JSON instantly.

More in this category