ToolBox.Online

HTML Entity Encoder & Decoder — Encode HTML Entities Online [2026]

Encode special characters to HTML entities and decode HTML entities back to text. Supports named entities (&, <) and numeric entities (&). Free, browser-based, instant results.

Result will appear here...

Common HTML Entities Reference

CharacterEntityDescription
&&Ampersand
<&lt;Less than
>&gt;Greater than
"&quot;Double quote
'&apos;Apostrophe
(space)&nbsp;Non-breaking space
©&copy;Copyright
®&reg;Registered
&trade;Trademark
&euro;Euro sign
£&pound;Pound sign
&mdash;Em dash
&ndash;En dash
&hellip;Ellipsis
°&deg;Degree

What is HTML Entity Encoder/Decoder?

HTML entities are special codes used to represent characters that have special meaning in HTML or that cannot be easily typed on a keyboard. For example, the less-than sign (<) is written as &lt; in HTML because a bare < would be interpreted as the start of an HTML tag. The most commonly used HTML entities include: - &amp;lt; for < (less than) - &amp;gt; for > (greater than) - &amp;amp; for & (ampersand) - &amp;quot; for " (double quote) - &amp;apos; for ' (apostrophe) - &amp;nbsp; for a non-breaking space HTML entities come in two forms: **named entities** like &amp;amp; (human-readable names) and **numeric entities** like &amp;#38; (Unicode code point numbers). Both produce the same result in a browser. Encoding HTML entities is essential for preventing XSS (Cross-Site Scripting) attacks, displaying code snippets in web pages, and ensuring special characters render correctly across all browsers.

How to Use HTML Entity Encoder/Decoder

Paste your text containing special characters (like <, >, &, ", ') into the input field. Click "Encode" to convert them into HTML entities. The tool produces named entities (e.g., &amp;amp; for &) by default where available, falling back to numeric entities (e.g., &amp;#38;) for less common characters. To decode, paste HTML-encoded text and click "Decode" to convert entities back to their original characters. Use the copy button to copy the result to your clipboard.

How HTML Entity Encoder/Decoder Works

The encoder/decoder processes text character by character: **Encoding:** Each character in the input is checked against a lookup table of HTML entities. Characters with well-known named entities (like < → &lt;) are converted to their named form. Other special characters are converted to their numeric entity form using the Unicode code point (e.g., © → &#169;). Regular alphanumeric characters are left unchanged. **Decoding:** The tool scans the input for entity patterns — both named entities (starting with & and ending with ;) and numeric entities (&#DDD; for decimal or &#xHHH; for hexadecimal). Each entity is replaced with the corresponding character using a reverse lookup table and String.fromCodePoint() for numeric entities. All processing happens entirely in your browser — no data is sent to any server.

Common Use Cases

  • Encoding user input to prevent XSS (Cross-Site Scripting) vulnerabilities
  • Preparing code snippets for display in blog posts and documentation
  • Converting special characters in email templates for correct rendering
  • Encoding characters for embedding in XML and RSS feeds
  • Fixing broken characters in copy-pasted text from other applications
  • Decoding HTML entities found in API responses or scraped web content

Frequently Asked Questions

What are HTML entities?

HTML entities are special codes that represent characters in HTML. They start with an ampersand (&) and end with a semicolon (;). For example, &lt; represents <, &amp; represents &, and &#169; represents ©. They are needed because some characters have special meaning in HTML (like < and >) or cannot be typed directly.

What is the difference between named and numeric entities?

Named entities use human-readable names like &amp; (ampersand) or &lt; (less than). Numeric entities use the Unicode code point number, either in decimal (&#38;) or hexadecimal (&#x26;) form. Both produce the same character. Named entities are easier to read, but not all characters have named entities — numeric entities can represent any Unicode character.

Why do I need to encode HTML entities?

Encoding is essential for three reasons: (1) Security — encoding user input prevents XSS attacks where malicious HTML/JavaScript could be injected. (2) Correctness — characters like < and > must be encoded so browsers do not interpret them as HTML tags. (3) Compatibility — encoding ensures special characters display correctly across all browsers and email clients.

Which characters must be encoded in HTML?

Five characters must always be encoded in HTML content: < (less than) → &lt;, > (greater than) → &gt;, & (ampersand) → &amp;, " (double quote) → &quot; (in attributes), and ' (apostrophe) → &apos; (in attributes). Other characters like ©, ®, €, and non-ASCII characters can optionally be encoded for compatibility.

Does this tool support all Unicode characters?

Yes. The tool can encode any Unicode character to its numeric entity form (&#DDDD;) and decode any valid HTML entity — named or numeric, decimal or hexadecimal — back to the original character. This includes emojis, CJK characters, mathematical symbols, and all other Unicode code points.

Is the encoding/decoding done securely?

Yes. All processing happens entirely in your browser using JavaScript. No text is transmitted to any server, no data is stored, and no cookies track your input. The tool uses the browser's built-in DOMParser for decoding, which safely handles all entity types without executing any embedded scripts.

Related Tools

Base64 Encode/Decode

Paste text → get Base64 encoded output, or paste Base64 → get decoded text. One-...

Morse Code Translator

Convert text to Morse code and Morse code to text instantly. Listen to the audio...

HTML to JSX

Paste HTML → get valid JSX instantly. Auto-converts class→className, inline styl...