HTML entity encode / decode

Client

Turn plain text into HTML-safe entities, or expand entities back to characters—useful for snippets, templates, and CMS fields. Runs entirely in your browser.

How it works

?

Encode turns &, <, >, and quotes into entity form so text is safe inside HTML.

Decode expands common named and numeric references (e.g. &amp;, &#169;) using the browser—runs locally in your tab.

Encode and decode replace the editor above; use Copy when you are done.

Common use cases

  • Escape user-facing snippets before placing them into HTML templates.
  • Decode entity-heavy content copied from CMS editors or emails.
  • Verify named and numeric entities when cleaning imported markup text.

Common mistakes to avoid

  • Escaping content multiple times

    Double encoding creates unreadable output like &amp;amp;. Encode once at the right rendering boundary.

  • Decoding untrusted text too early

    Decode only where needed. Premature decoding can reintroduce unsafe characters into rendering pipelines.

  • Assuming all entities are named

    Some sources use numeric entities. Ensure your decode step handles both named and numeric forms.

FAQ

When should I encode HTML entities?

Encode when inserting plain text into HTML contexts so symbols like angle brackets and quotes are treated as content, not markup.

Why does decoded text look different from source code?

Decoded text turns entities back into literal characters. That is expected when moving from safe markup representation to readable text.

Is entity conversion performed server-side?

No. Encode and decode operations on this page run in your browser.

More tools

Related utilities you can open in another tab—mostly client-side.