HTML Named Entity Encoder/Decoder

Convert special characters to named entities like & and <

Encode and decode HTML using W3C named character references such as &, <, >, ", © and  . Make markup safe to display, or turn entities back into plain text. Runs entirely in your browser. It runs free in your browser on Gera Tools, with nothing uploaded.

Last updated Source: Gera Tools

Which characters get encoded?

Encoding always escapes the markup-critical characters ampersand, less-than, greater-than, double quote, and single quote. A wider table of named entities such as copyright, non-breaking space, and accented letters is also applied so the output is display-safe.

HTML named entities let you show characters that would otherwise be interpreted as markup. This tool escapes the critical characters and a useful table of common symbols into their &name; form, and decodes them back to plain text.

When you need this

The three most common reasons to encode HTML entities:

  • Displaying user content safely: if a comment field might contain <script> text that you want to show on a page rather than execute, encoding the angle brackets neutralises it for display (though a server-side sanitiser remains essential).
  • Writing HTML inside HTML: a code blog post about <div> tags needs &lt;div&gt; so the browser renders the angle brackets instead of parsing them.
  • Embedding special symbols: copyright ©, em dash , non-breaking space, and accented letters can be encoded to ensure they survive character-encoding mismatches in older email clients or XML pipelines.

Decoding is useful when a CMS or API returns entity-encoded text (&amp;amp;, &lt;h1&gt;) that you need to read or process as plain text.

How it works

Encoding replaces the ampersand first, then the remaining special characters, so no escape sequence is ever double-processed:

& -> &amp;
< -> &lt;
> -> &gt;
" -> &quot;
' -> &#39;
© -> &copy;     (non-breaking space) -> &nbsp;

The ampersand-first rule is critical: if you encoded < before &, you would produce &lt; — then a second pass over the ampersand would corrupt that into &amp;lt;.

Decoding scans for &...; references, looks each named entity up in the table, and also expands numeric references such as &#160; and &#xA0; so mixed input is handled cleanly.

Worked examples

Example 1 — encoding a user comment: Input: <b>Great article</b> & thanks! Encoded: &lt;b&gt;Great article&lt;/b&gt; &amp; thanks! The browser now displays the angle brackets literally instead of parsing them as a bold tag.

Example 2 — decoding API output: Input: &copy; 2025 Acme Corp &mdash; All rights reserved Decoded: © 2025 Acme Corp — All rights reserved Ready to display or process as plain text.

Tips and notes

  • Always encode the ampersand before any other character — the most common bug in hand-rolled escapers.
  • When placing user text inside an HTML attribute, double quotes must be escaped (&quot;), which this tool does.
  • For XML content, prefer a dedicated XML escaper: XML only recognises five standard entity names (&amp; &lt; &gt; &quot; &apos;) and rejects the hundreds of HTML-only named entities like &copy; and &nbsp;.
  • Named encoding is a display helper, not a substitute for context-aware server-side sanitisation or a trusted HTML parser when rendering user-supplied markup.