HTML Entities Encoder/Decoder

Escape <, >, &, quotes to HTML entities; or decode entities back. Common for templates and XSS-safe output.

Read the full guide: Markdown, HTML, and Plain Text: Conversion and Safety β†’

Privacy: processed locally, never uploaded.

↓ Paste in the input area below to see results instantly

Enter HTML or entity string

Encode converts <, >, & to entities; decode restores readable characters.

Output

Encoded result

&lt;p&gt;Towalles &amp; &quot;tools&quot;&lt;/p&gt;

Notes

Encoded result

Special characters are escaped for safe use in HTML attributes or text nodes.

Escape <, >, &, quotes to HTML entities; or decode entities back. Common for templates and XSS-safe output.

Quick start

  1. Encode or decode

    Encode for HTML output; decode to read entity strings.

  2. Paste content

    Named and &#numeric; entities supported.

Common cases

Escaping user input in attributes, email templates, debugging HTML snippets from APIs.

Typical Workflow

When developing web pages, you may need to display HTML tags as text content rather than parsing them. For example, to show the string '<div>' on a page, writing it directly would be parsed by the browser as a tag. Encoding it to '&lt;div&gt;' ensures it displays correctly.

Another common scenario is handling user input. To prevent XSS attacks, special characters in user-submitted content should be converted to entities. For example, encoding '<script>' as '&lt;script&gt;' before storage ensures malicious code won't execute even if rendered.

Important Notes

Encoding and decoding are bidirectional, but order matters. Nested encoding can produce results like '&amp;lt;' which can't be directly parsed. It's recommended to store raw data unencoded and only encode when displaying to avoid confusion from multiple encodings.

Not all characters need encoding. Regular text (like Chinese, letters, numbers) requires no processing. Focus only on the five special characters: < > & " '. Over-encoding, while harmless, increases data size and should be avoided in performance-sensitive scenarios.

Examples

Encode

Input

<div>"hi"</div>

Output

&lt;div&gt;&quot;hi&quot;&lt;/div&gt;

FAQ

Same as URL encoding?

No. HTML entities are for markup; URL encoding is for addresses and query strings.

How much does encoding increase data size?

A single character typically adds 3-6 bytes when encoded (e.g., < β†’ &lt;). For text with many special symbols, size may increase 4-5x. But in modern web traffic, this is negligible unless processing millions of characters.