HTML Entity Encoder & Decoder
Escape reserved characters to HTML entities or decode entities back to text. Choose named or numeric entities and optionally escape every non-ASCII character. Decoding handles named, decimal and hex entities.
About the HTML entity encoder & decoder
HTML entities let you display reserved characters like <, >, & and quotes as literal text instead of having the browser interpret them as markup. Bytewrench's tool encodes text to HTML entities and decodes entities back to plain text, with options for named or numeric entities and for escaping all non-ASCII characters.
It's essential for safely displaying code samples, preventing markup from breaking, and mitigating HTML-injection issues. Everything runs locally in your browser.
Escape <, >, &, quotes and more to entities, or decode named, decimal and hex entities back to text.
Choose human-readable named entities or numeric (&#NNN;) output.
Optionally convert every non-ASCII character to a numeric entity for maximum compatibility.
Converts as you type, entirely in your browser.
Frequently asked questions
What is the difference between named and numeric entities?
Named entities like & are readable, while numeric entities like & or & reference the character's code point. Both render identically; numeric works even where a named entity isn't defined.
Does encoding HTML entities prevent XSS?
Escaping <, >, &, and quotes before inserting untrusted text into HTML is an important defence, but full XSS protection also depends on context (attributes, URLs, scripts). Treat it as one layer, not a complete solution.
Can it decode hex and decimal entities?
Yes. It decodes named entities plus decimal (<) and hexadecimal (<) numeric references.
Is my text sent anywhere?
No. All encoding and decoding happen locally in your browser.