HTML Encoder & Decoder Online
Encode HTML characters to entities or decode HTML entities back to text. Essential for preventing XSS attacks and displaying code safely.
Runs entirely in your browser - no data is sent to any server.
Common HTML Entities
&<>"' ©®™€£•—–→←≠≤HTML Encoding Example (XSS Prevention)
<script>alert(1)</script><script>alert(1)</script>Encoded scripts display as text instead of executing.
HTML Encode vs Escape vs Sanitize
Convert characters to HTML entities. Preserves all content as displayable text.
Same as encoding. Terms are often used interchangeably for HTML.
Remove or strip dangerous tags entirely. More aggressive than encoding.
Essential HTML Entities
&->&<-><>->>"->"'->'(space)-> Common Symbol Entities
©®™€£¥Frequently Asked Questions
What is HTML encoding?
HTML encoding converts special characters like <, >, & into HTML entities so they display as text instead of being interpreted as markup.
When should I encode HTML?
Encode HTML when displaying user input, showing code snippets, or whenever special characters need to appear as text rather than HTML.
Does HTML encoding prevent XSS?
Yes. By converting < and > to entities, injected scripts become harmless text instead of executable code.
HTML encoding vs URL encoding?
HTML encoding is for displaying text in web pages. URL encoding is for safe transmission in URLs. Different purposes, different formats.