Mello
{} Developer

HTML Entity Encoder / Decoder

Escape text to HTML entities, or decode entities back to characters.

Runs in your browserNo account requiredNo uploadFree
Loading tool…

About HTML Entity Encoder / Decoder

HTML Entity Encoder / Decoder either escapes characters that have special meaning in HTML into their entity form, or resolves entities back into the underlying characters. Encoding lets you safely drop arbitrary text — a user comment, an error message containing < or & — into an HTML page without breaking the markup or opening an injection hole. Decoding turns escaped HTML back into the plain text a human would read.

Worked example: the string '<p>Tom & Jerry</p>' encodes to '&lt;p&gt;Tom &amp; Jerry&lt;/p&gt;', which a browser renders exactly as that literal text rather than parsing it as a paragraph. Going the other way, '&copy; 2026 &mdash; Mello' decodes to '© 2026 — Mello'. The five HTML-unsafe characters — & < > " ' — are always handled; non-ASCII characters can optionally be encoded too.

Two switches control the output. Named vs numeric entities chooses between the readable form (&copy;, &amp;) and the universal form (&#169;, &#38;) — named entities are friendlier in source, numeric ones work everywhere regardless of the document's entity set or DOCTYPE. Minimal vs all controls how much is escaped: minimal only touches the five unsafe characters, while all also escapes every non-ASCII character (useful when you cannot rely on the document being UTF-8). One thing to remember: escaping for HTML body content is not the same as escaping for an HTML attribute, a URL, or a JavaScript string — context-appropriate encoding is what actually prevents XSS.

Encoding and decoding both run in your browser, using the native HTML parser for decoding so every standard named entity is resolved. Drafts and unpublished copy are never uploaded.

Frequently asked questions

Named entities (&copy;, &amp;) are readable in source. Numeric entities (&#169;, &#38;) work everywhere regardless of the document's DOCTYPE and entity set. Both render identically in modern browsers.

More developer tools

JSON Formatter & Validator
Paste JSON to format, validate, or minify — runs entirely in your browser.
{}Developer
Base64 Encoder / Decoder
Encode to Base64 or decode it back — handles UTF-8 correctly.
{}Developer
JSON ↔ CSV Converter
Convert between JSON and CSV — round-trip safe, runs locally.
{}Developer
Regex Tester
Build and test JavaScript regular expressions with live highlighting.
{}Developer
UUID / GUID Generator
Generate cryptographically random UUID v4 identifiers.
{}Developer
Number Base Converter
Convert a number between binary, octal, decimal, hex, and any base 2–36.
{}Developer