Escape and unescape HTML as you type
Paste text or markup and the encoded (or decoded) version appears live. Encoding makes text safe to embed in HTML; decoding turns entity soup from a feed or scraped page back into readable text.
Frequently asked questions
Which characters get encoded?
The five that break HTML: & < > " and '. Optionally, all non-ASCII characters can be encoded as numeric entities for maximum compatibility with legacy systems.
When do I need to escape HTML?
Whenever text is placed inside HTML — showing code examples on a page, putting user input in attributes, or embedding markup in XML. Unescaped < and & are also a common cause of injection bugs.
Does decoding handle named and numeric entities?
Both — &, é, and é all decode correctly, using the browser's own HTML parser.