正在加载,请稍候…

HTML Entity Encoder & Decoder

Escape or unescape HTML entities — replace characters like <, >, &, " and ' with their HTML entity names or numeric codes. Supports named and decimal entities.

How to Use

  1. Step 1: Enter HTML text with special characters or enter entities to decode.
  2. Step 2: Choose Encode or Decode mode.
  3. Step 3: The result updates in real-time. Click Copy to copy.

Frequently Asked Questions

What are HTML entities?

HTML entities are special codes to display reserved characters in HTML. For example &lt; renders as < and &amp; renders as &.

Why do I need to escape HTML?

Escaping HTML prevents XSS attacks when displaying user-generated content.

Which characters must always be escaped in HTML?

In content: < becomes &lt;, > becomes &gt;, & becomes &amp;. In attribute values: double quote becomes &quot;, single quote becomes &#39;. Proper escaping is the foundation of XSS prevention.

When is HTML entity encoding required in HTML?

Characters that must be encoded: < and > to avoid being parsed as tags (&lt; &gt;); & to avoid being parsed as an entity start (&amp;); quotes inside attribute values (&quot;). Always HTML-entity-escape user-generated content before rendering it on the page to prevent XSS (Cross-Site Scripting) attacks. Modern frameworks (React, Vue) handle this escaping automatically.