HTML Entity Encoder & Decoder
Convert special characters to and from HTML entities — instantly, privately, in your browser.
Named uses mnemonic entities like & and <. Decimal uses &. Hex uses &. Decode automatically detects all three formats.
XSS-safe encoding
Escaping reserved characters prevents browsers from misinterpreting your text as markup, closing a common attack vector.
Real-time conversion
Encode and decode as you type. No server round-trip means instant results and total privacy.
Full Unicode support
Handles emoji, accented characters, math symbols, and every script covered by Unicode.
What are HTML entities?
HTML uses a small set of characters for its own syntax: angle brackets define tags, ampersands start entity references, and quotes wrap attribute values. When you want to display these characters as literal text — for example inside a code tutorial, a user comment, or a data export — you must replace them with HTML entities so the browser knows to render them rather than parse them as markup.
Named entities like &, <, and > are easy to read and remember. Decimal entities like & work everywhere HTML is accepted. Hex entities like & are compact for large code points and popular with developers who work in low-level formats.
When should I use HTML encoding?
Use HTML entity encoding whenever you insert untrusted or unpredictable text into a web page. This includes rendering user comments, displaying server logs, embedding code snippets, showing JSON inside documentation, and exporting data to email templates. It is also essential when building HTML emails, because many email clients are stricter than browsers and will break or render incorrectly if reserved characters are left unescaped.
How does the decoder work?
The decoder scans your input for three patterns: named entities beginning with & and ending with ;; decimal entities of the form {; and hexadecimal entities of the form {. It replaces each match with the corresponding Unicode character, so a string like <div> becomes <div>.
Frequently asked questions
›What is an HTML entity?
An HTML entity is a special code used to represent characters that have reserved meaning in HTML or that cannot be easily typed on a keyboard. Entities begin with an ampersand (&) and end with a semicolon (;). For example, the less-than sign (<) is written as < so browsers don't confuse it with the start of an HTML tag. Other common entities include & for &, > for >, and " for double quotes.
›What are named, decimal, and hexadecimal HTML entities?
Named entities use a human-readable name like &amp; for &, < for <, or © for the copyright symbol ©. Decimal entities use the character's Unicode code point in base 10, like & for & or © for ©. Hexadecimal entities use the same code point in base 16 prefixed with x, like & for & or © for ©. All three formats are valid in HTML and XML. This tool lets you choose which format to use when encoding.
›Why do I need to encode special characters in HTML?
HTML reserves certain characters for markup syntax. The angle brackets < and > define tags, the ampersand & begins entities, and double quotes delimit attributes. If you embed raw text that contains these characters — for example user-generated content, code snippets, or data from an API — browsers may misinterpret them as markup, breaking your page or creating cross-site scripting (XSS) vulnerabilities. Encoding converts them into safe entity representations that render correctly without being parsed as HTML.
›Does this tool encode all Unicode characters?
Yes. When encoding, characters outside the basic ASCII range (code points 128 and above) are converted to decimal or hexadecimal entities based on your selected format. This includes emoji, mathematical symbols, currency signs, accented letters, and characters from non-Latin scripts. When decoding, the tool handles all standard entity formats including named, decimal, and hexadecimal forms.
›Is my data sent to a server?
No. All encoding and decoding is performed entirely inside your browser using JavaScript. Your input is never uploaded, stored, or logged on any server. This makes the tool safe for sensitive content such as proprietary code, private messages, or confidential data.
›Can I decode a string that mixes different entity types?
Yes. The decoder automatically detects and converts named entities (like &), decimal entities (like &), and hexadecimal entities (like &) in the same input. It processes them in the correct order so that mixed strings decode accurately back to the original plain text.
›What is the difference between HTML entities and URL encoding?
HTML entities make characters safe to embed inside HTML document content and attributes. They use the &...; syntax. URL encoding (percent-encoding) makes characters safe to embed inside a web address. It uses %HH syntax where HH is a hexadecimal byte value. They solve different problems: use HTML entities when writing content inside a web page, and URL encoding when constructing links, query parameters, or API requests.
›Do HTML entities work in XML and SVG?
Yes. HTML entities are valid in XML documents and SVG files as well. However, XML is stricter than HTML: every entity must be properly closed with a semicolon, and only a core set of named entities is predefined in XML. For full compatibility across HTML, XML, and SVG, using decimal or hexadecimal entities is the safest choice because they rely on Unicode code points rather than predefined names.
More free developer tools
Part of our growing tool belt — all client-side, all free.