HTML Encode
Convert raw text into HTML-safe encoded output. Supports named, decimal, and hexadecimal entities. Runs entirely in your browser — no data is ever sent to a server.
Type or paste raw text here to encode it into HTML-safe entities
This is the HTML-encoded version of your input. Copy to use elsewhere.
About HTML Encoding
HTML encoding converts characters with special meaning in HTML into safe entity representations. This prevents browsers from interpreting your content as markup, which is critical for security and correctness.
The Five Critical Characters
Five characters are particularly important to encode in HTML:
&(ampersand) — starts an entity reference<(less-than) — opens an HTML tag>(greater-than) — closes an HTML tag"(double quote) — delimits attribute values'(single quote) — delimits attribute values in some contexts
Named vs Numeric Entities
Named entities like < are the most readable and widely used. Decimal numeric entities like < and hexadecimal numeric entities like < are supported universally across all HTML parsers and are useful in contexts where named entities may not be recognised.
XSS Prevention
Cross-Site Scripting (XSS) attacks inject malicious scripts into web pages by exploiting unencoded user-supplied content. Encoding user data before inserting it into HTML output is one of the most effective defences against XSS — it neutralises scripts by turning <script> into <script>, which browsers render as text rather than executing as code.
