HTML Encoder & Decoder - Encode HTML Entities Online
Encode and decode HTML special characters to prevent XSS attacks, display code snippets, and safely render user-generated content. Convert characters like <, >, &, and quotes to their HTML entity equivalents.
Why Use HTML Encoding?
- Security: Prevent XSS and code injection attacks
- Display Code: Show HTML code snippets as text
- Safe Content: Sanitize user-generated content
- Special Characters: Display symbols like ©, ®, €
Common Use Cases
🔒 Security
Prevent XSS attacks in web applications.
📖 Documentation
Display HTML code examples in tutorials.
💬 User Content
Sanitize comments, reviews, and forum posts.
Encode HTML content for email templates.
How to Use This Tool
- Choose Mode: Select "Encode" to convert HTML to entities or "Decode" to convert back.
- Enter Content: Paste your HTML or encoded text.
- Get Result: The conversion happens instantly - copy the result.
💡 Tip: Always encode user input before displaying it on web pages to prevent XSS attacks.
HTML Encoder / Decoder
Common HTML Entities
Basic Characters
- < → < or <
- > → > or >
- & → & or &
- " → " or "
- ' → ' or '
Special Symbols
- © → © or ©
- ® → ® or ®
- ™ → ™ or ™
- € → € or €
- £ → £ or £
Math & Arrows
- × → × or ×
- ÷ → ÷ or ÷
- ± → ± or ±
- → → → or →
- ← → ← or ←
Named vs Numeric Entities
- Named Entities: Human-readable like
©for © - Numeric Entities: Unicode code points like
©for © - Hexadecimal: Hex code points like
©for © - Named entities are easier to read but limited in number
- Numeric entities work for any Unicode character
XSS Prevention Example
Dangerous (Unencoded):
<script>alert('XSS')</script>
⚠️ This would execute as JavaScript!
Safe (Encoded):
<script>alert('XSS')</script>
✓ This displays as text
Best Practices
- Always encode user-generated content before display
- Encode both on input (storage) and output (display)
- Use server-side encoding libraries for production code
- Encode the minimum necessary - don't double-encode
- Consider context - HTML encoding differs from URL encoding
Related Tools
- URL Encoder - Encode URLs and parameters
- Base64 Encoder - Encode data in Base64
- HTML Beautifier - Format HTML code