HTML Entity Encoder/Decoder
Encode and decode HTML entities — convert &, <, >, ", ' and special chars to their HTML entity equivalents.
Character Reference Table (37 entities)
| Entity | Character | Code Point | Description |
|---|---|---|---|
| & | U+0026 | ||
| < | U+003C | ||
| > | U+003E | ||
| " | U+0022 | ||
| ' | U+0027 | ||
| U+00A0 | |||
| © | U+00A9 | ||
| ® | U+00AE | ||
| € | U+20AC | ||
| £ | U+00A3 | ||
| ¥ | U+00A5 | ||
| ¢ | U+00A2 | ||
| ° | U+00B0 | ||
| ± | U+00B1 | ||
| × | U+00D7 | ||
| ÷ | U+00F7 | ||
| µ | U+00B5 | ||
| · | U+00B7 | ||
| « | U+00AB | ||
| » | U+00BB | ||
| — | U+2014 | ||
| – | U+2013 | ||
| “ | U+201C | ||
| ” | U+201D | ||
| ‘ | U+2018 | ||
| ’ | U+2019 | ||
| … | U+2026 | ||
| ™ | U+2122 | ||
| • | U+2022 | ||
| ← | U+2190 | ||
| → | U+2192 | ||
| ↑ | U+2191 | ||
| ↓ | U+2193 | ||
| ♠ | U+2660 | ||
| ♣ | U+2663 | ||
| ♥ | U+2665 | ||
| ♦ | U+2666 |
History
Encode and decode HTML entities. Part of the freeq.one tools suite.
About This Tool
HTML entities are special codes that represent characters in HTML. They begin with an ampersand (&) and end with a semicolon (;). There are three types: named entities like © for ©, numeric decimal entities like ©, and hex entities like ©. This tool lets you encode and decode HTML entities with a searchable reference table of over 200 named entities that you can click to insert directly into your input.
HTML encoding is crucial for web development. When you include characters like <, >, &, or quotes in HTML content, they can be misinterpreted as markup. Encoding them as entities ensures they display correctly as text. This is also a fundamental defense against cross-site scripting (XSS) attacks — always encode user-generated content before rendering it in HTML. The reference table built into this tool is a handy resource for discovering entity codes for symbols, accented letters, mathematical operators, and punctuation marks from every major language.
Common Use Cases
- Escaping special characters (<, >, &, ", ') in HTML content to prevent rendering issues and XSS vulnerabilities
- Decoding encoded HTML entities from scraped web content for text analysis or display
- Converting symbols like © (copyright), ® (registered), ™ (trademark), and € (euro) into their proper HTML codes
- Writing mathematical expressions with Greek letters and operators in HTML content
- Adding special punctuation and accented characters (é, ñ, ü) for multilingual websites
- Creating HTML email templates that display correctly across all email clients
Pro Tips
- Always encode user-generated content before rendering to prevent XSS attacks
- Use named entities for common symbols (they are easier to read) and decimal/hex entities for obscure ones
- The reference table is clickable — simply click any entity to insert it at the end of your input text
- For non-ASCII characters that are not in the entity list, consider using numeric character references
Frequently Asked Questions
- What is the difference between a named entity and a numeric entity?
- Named entities use descriptive names like
©(©). Numeric entities use decimal numbers like©or hex numbers like©. Named entities are easier to remember but only exist for common characters. Numeric entities can represent any Unicode character. - Do I need to encode the ampersand character?
- Yes. In HTML, the ampersand (&) starts an entity, so a literal ampersand must be encoded as
&. This is especially important in URLs (where & separates query parameters) and in any text that might contain the & symbol. - Does HTML encoding prevent XSS attacks?
- Yes, HTML encoding is a critical defense against XSS. By encoding characters like <, >, &, and quotes, you ensure user input is treated as text rather than executable markup. Always combine encoding with other security measures like Content Security Policy headers.
- What characters should I always encode in HTML?
- The five essential characters are: < (less than), > (greater than), & (ampersand), " (double quote), and ' (apostrophe/single quote). All other characters are optional to encode but helpful for compatibility across different character encodings.
Also check out our Hash Generator for more security tools. Part of the FreeQ.One tools suite.