The best HTML Encode/Decode available online. Lightning-fast, privacy-first, and developer-friendly.
100% free, no signup required. Works entirely in your browser.
Open HTML Encode/DecodeEnter HTML or text with special characters.
Characters are converted to/from HTML entities.
Copy the safe HTML string.
HTML encoding is critical for preventing Cross-Site Scripting (XSS) attacks by neutralizing potentially malicious script tags and event handlers in user input. It also ensures that special characters like angle brackets and ampersands display correctly in web pages rather than being interpreted as HTML markup. Every web application that renders user content should encode HTML output.
The five critical HTML characters are encoded: < becomes <, > becomes >, & becomes &, " becomes ", and ' becomes '. Additionally, any non-ASCII characters can be converted to their numeric entity equivalents. This comprehensive encoding prevents both XSS attacks and rendering issues in browsers.
Named entities like & and < are human-readable and preferred for common characters. Numeric entities like & and < can represent any Unicode character, including those without named equivalents. Use named entities in hand-written HTML for readability and numeric entities when you need to encode special or rare characters.
