HTML Character Encoder - Entity Converter Tool

Encode special characters to HTML entities for safe display in web pages. Prevent XSS attacks and display code correctly.

&
&
<
&lt;
>
&gt;
"
&quot;
'
&#39;
©
&copy;
®
&reg;
&trade;
&euro;
£
&pound;
¥
&yen;
&mdash;
&ndash;
&hellip;
&bull;
°
&deg;

Why Encode HTML Characters?

HTML entities are encoded representations of special characters. Encoding prevents browsers from interpreting characters as HTML code, which is essential for security (preventing XSS attacks) and for displaying code snippets on web pages.

Security: Preventing XSS

Cross-Site Scripting (XSS) attacks occur when user input is rendered as HTML without encoding. If a user submits <script>malicious code</script>, it will execute unless encoded to &lt;script&gt;.

Required Encodings

  • & → &amp; - Ampersand (entity prefix)
  • < → &lt; - Less than (opens tags)
  • > → &gt; - Greater than (closes tags)
  • " → &quot; - Quote (attribute delimiter)
  • ' → &#39; - Apostrophe (attribute delimiter)

Entity Formats

  • Named: &copy; → © (human-readable)
  • Decimal: &#169; → © (Unicode codepoint)
  • Hexadecimal: &#xA9; → © (hex codepoint)

When to Encode

  • Displaying user-generated content
  • Showing code examples in tutorials
  • Embedding data in HTML attributes
  • Generating HTML server-side

Encoding Tools

HTML EncoderEscape HTMLEntity EncoderURL EncoderURL ParamsBase64Base64 EncodeUnicodeJSON FormatterJSON EscapeCase ConverterString Utils