inicio/dev/html-entities

HTML Entity Encoder & Decoder Online

Encode & decode HTML characters

Cómo usar Entidades HTML

  1. 1

    Paste your text or HTML

    Enter text with special characters or HTML entities.

  2. 2

    Encode or Decode

    Click the appropriate button to convert.

  3. 3

    Copy result

    Copy the processed text to your clipboard.

Preguntas frecuentes

Is my data safe?
Yes. All processing happens entirely in your browser. Your data never leaves your device and is never uploaded to any server.
Which entities are supported?
All standard HTML5 named entities (&, <, >,  , ©, and hundreds more), all decimal numeric entities (&), and all hexadecimal entities (&) are supported.
When should I encode HTML entities?
Always encode user-supplied content before inserting it into HTML to prevent XSS attacks. Also encode when embedding code examples in web pages, so the browser displays < and > as characters rather than interpreting them as HTML tags.
What is the difference between named and numeric entities?
Named entities (&amp;amp;) are human-readable but require browser support for the name. Numeric entities (&amp;#38;) work in any HTML context and are safer for email templates where client support varies. Both represent the same character.
Does encoding all characters break my HTML?
Encoding characters inside attribute values and text nodes is safe. Do not encode characters that are structural HTML syntax — for example, do not encode the < and > in actual HTML tags or the = in attribute assignments.

Saber más

¿Qué es HTML Entities?

Encode special characters as HTML entities to prevent XSS vulnerabilities and display issues, or decode HTML entities back to human-readable text. Handles all three entity formats: named entities (&amp;amp;, &amp;lt;, &amp;nbsp;), decimal numeric entities (&amp;#38;), and hexadecimal entities (&amp;#x26;). Essential for safely displaying user-generated content, embedding code samples in HTML, and debugging CMS-generated markup. All processing happens in your browser — no sign-up, no server uploads.

¿Por qué usar HTML Entities?

  • Prevent XSS vulnerabilities — encoding user input before rendering it in HTML is a fundamental web security practice.
  • Display code samples safely — encode < and > characters so code snippets display correctly without the browser interpreting them as tags.
  • Supports all three entity formats — named (&amp;amp;), decimal (&amp;#38;), and hexadecimal (&amp;#x26;) entities.
  • Decode CMS output — some content management systems over-encode content. Decode entities to see the actual characters.
  • Completely private — your HTML content never leaves your browser.

Casos de uso de HTML Entities

XSS prevention

Encode user-supplied content before inserting it into HTML templates. Characters like <, >, ", and & are encoded to prevent script injection attacks.

Code sample display

Encode HTML code snippets before embedding them in tutorial content, documentation, or blog posts so they display as text rather than being parsed as markup.

Email HTML templates

Some email clients handle special characters inconsistently. Use numeric HTML entities for non-ASCII characters to ensure consistent rendering across all clients.

CMS debugging

Decode HTML entity-heavy content exported from CMSes (WordPress, Drupal) to read the original text and spot unwanted encoding artifacts.

Consejos y buenas prácticas

  • 💡Always encode at minimum these five characters for XSS safety: & (&amp;), < (&lt;), > (&gt;), " (&quot;), and ' (&apos; or &#39;).
  • 💡Use numeric entities (&amp;#160; for non-breaking space, &amp;#8212; for em dash) in email templates — they render correctly in more email clients than named entities.
  • 💡Do not double-encode. If content is already encoded (e.g., &amp;amp;) and you encode it again, you get &amp;amp;amp; which displays incorrectly.
  • 💡The &amp;nbsp; entity creates a non-breaking space that prevents line wrapping between two words. Useful in UI labels like '10 MB' or 'New York'.

Cómo funciona

Encoding uses a lookup table covering all HTML5 named entities defined in the WHATWG HTML specification. For the opposite direction, decoding uses a hidden DOM text node with innerHTML assignment — the browser's own HTML parser handles entity decoding, guaranteeing 100% compatibility with the HTML5 entity reference. This approach correctly handles all named entities, decimal numeric entities, and hexadecimal entities without maintaining a separate decode lookup table.

Más Herramientas para Desarrolladores

JSON Formatter JSON Validator JSON Minifier Base64 JWT Decoder Regex Tester Generador de Hash Codificador/Decodificador de URL UUID Generator Marca de Tiempo Unix Base Numérica Código a Imagen Minificador HTML/CSS/JS Diferencia de Código CSS Gradient Generator Box Shadow Generator Glassmorphism Generator Flexbox Generator CSS Grid Generator Clip-Path Generator Generador de Datos Falsos Cron Expression Generator SQL Formatter XML Formatter CSV Viewer Conversor de Zona Horaria Conversor de Color JSON a CSV YAML a JSON

También te puede interesar

Vista Previa de MarkdownHerramientas de Texto Generador de MetaetiquetasHerramientas de Redes Sociales