HTML Escape / Unescape

Escape HTML entities to prevent XSS attacks or unescape HTML entities back to readable characters.

HTML Input

Enter HTML content that you want to escape for safe display.

Loading...

Escaped HTML Output

The HTML with escaped entities, safe for display in web pages.

Loading...

Click "Escape HTML" to see the result here.

HTML Entity Reference

Common HTML entities and their escaped forms.

&
&
Ampersand
<
&lt;
Less than
>
&gt;
Greater than
"
&quot;
Double quote
'
&#x27;
Single quote
/
&#x2F;
Forward slash
&nbsp;
Non-breaking space
©
&copy;
Copyright
®
&reg;
Registered trademark
&trade;
Trademark

Why Escape HTML?

HTML escaping prevents Cross-Site Scripting (XSS) attacks by converting special characters into their HTML entity equivalents. This ensures that user input is displayed as text rather than being interpreted as HTML or JavaScript code.

Common Use Cases

  • • Displaying user-generated content safely
  • • Preventing XSS attacks in web applications
  • • Storing HTML content in databases
  • • Email template preparation
  • • API response sanitization

🔒 Privacy First: All HTML escaping and unescaping happens in your browser. Your data never leaves your device.