Developer Tools
HTML Entity Encoder & Decoder
Convert special characters to named, decimal, or hex HTML entities instantly. Includes 250+ entity reference table. 100% client-side.
0 characters
0 characters
Free Online HTML Entity Encoder & Decoder — Character Converter
What Are HTML Entities?
HTML entities are special codes used to represent characters that have reserved meaning in HTML or that cannot be typed directly on a keyboard. For example, the less-than sign (<) would be interpreted as the start of an HTML tag if typed directly, so it must be written as < in the HTML source. Our free HTML entity encoder and decoder converts between readable characters and their HTML entity equivalents instantly, with support for named, decimal, and hexadecimal formats.
How to Use This Tool
Select Encode or Decode mode using the toggle at the top. In Encode mode, type or paste text containing special characters, and the tool converts them to HTML entities. Choose your preferred format — named entities (&), decimal (&), or hexadecimal (&). In Decode mode, paste HTML entities and see the decoded readable text. The 250+ entity reference table below the tool lets you browse and copy entities by category.
Key Features
- Three entity formats — named, decimal, and hexadecimal output
- Encode and decode modes — bidirectional conversion with one-click toggle
- Smart encoding — option to encode only unsafe characters or all non-ASCII characters
- 250+ entity reference table — searchable and filterable by category
- One-click copy — copy any entity from the reference table instantly
- 100% client-side — your data never leaves your browser
Why HTML Entities Matter
HTML entities serve two critical purposes in web development. First, they prevent the browser from misinterpreting reserved characters as HTML syntax — without encoding, a < character would start a new HTML tag. Second, they protect against cross-site scripting (XSS) attacks by ensuring that user-provided content is displayed as text rather than executed as HTML or JavaScript. Every web application that renders user input must encode special characters to prevent security vulnerabilities. Additionally, entities ensure consistent rendering across different browsers, email clients, and character encodings.
Common Use Cases
- Web developers — encoding special characters in HTML templates and dynamic content
- Email developers — encoding characters for maximum email client compatibility
- Security engineers — sanitizing user input to prevent XSS attacks
- Content authors — inserting copyright symbols, em dashes, and typographic characters
- CMS developers — debugging double-encoded or incorrectly encoded content
Tips and Best Practices
Always encode the five reserved HTML characters (<, >, &, ", ') when rendering user-provided content to prevent XSS vulnerabilities. Use named entities when available for readability (© is clearer than ©), but fall back to decimal or hex entities for characters without named equivalents. When building email templates, encode all non-ASCII characters for maximum compatibility across email clients. Be careful not to double-encode — if you see & rendered as & instead of &, the content was encoded twice. This tool detects and warns about double-encoded input.