🏷️HTML Encoder / Decoder

How to Use

1. 1

   Choose mode

   Select "Encode" to convert special characters to HTML entities, or "Decode" to convert entities back to plain text.

2. 2

   Paste text

   Enter your text in the input field. The result updates automatically.

3. 3

   Copy the result

   Click "Copy" to copy the output, or "Swap" to reverse the input and output.

FAQ

What are HTML entities?

HTML entities are special character sequences used to represent characters that have special meaning in HTML (such as < and >) or that are not easily typed. For example, & becomes &amp;, < becomes &lt;, and > becomes &gt;.

When do I need to encode HTML?

You need to encode HTML when displaying user-generated content, inserting text into HTML attributes, or preventing XSS (cross-site scripting) vulnerabilities. Always encode untrusted input before inserting it into HTML.

What is the difference between named and numeric entities?

Named entities use a readable name (e.g., &amp;amp;, &amp;lt;). Numeric entities use the Unicode code point (e.g., &amp;#38;, &amp;#60;). Both are valid HTML. Named entities are more readable; numeric entities work for any character.

Does this tool prevent XSS attacks?

This tool correctly encodes characters that can cause XSS (& < > " '). However, proper XSS prevention also depends on context (HTML attributes, JavaScript, CSS) and should be handled by your server-side framework.