HTML Entity Escaper
How to use this HTML entity escaper
- Paste HTML or plain text into the input box.
- Choose "Escape" to convert special characters to entities, or "Unescape" to reverse it.
- The result updates instantly on the right.
Why escape HTML entities?
Characters like <, > and & have special meaning in HTML. Escaping them (turning < into <, for example) lets you display code snippets or user-generated text safely, without the browser interpreting them as actual markup.
Does this prevent XSS attacks?
Escaping is one important layer of defense against cross-site scripting, but a complete security strategy also needs proper input validation and context-aware output encoding on the server side.
What's the difference between ' and '?
Both represent an apostrophe. ' is the numeric entity supported everywhere, while ' is a named entity that older versions of Internet Explorer didn't fully support in HTML (only XML).