Output will appear here
Output will appear here
HTML Escape / Unescape
Convert special characters to HTML entities (<, >, &, ", ') or reverse the process. Prevents XSS when embedding user content in HTML pages.
Use Cases
- Sanitize user input before displaying in HTML pages
- Prepare code snippets for display in HTML documentation
- Escape HTML content for embedding in XML or RSS feeds
- Decode HTML entities in scraped web content
- Convert between HTML entity formats for templating engines
Frequently Asked Questions
What characters are escaped?
The five characters with special meaning in HTML are escaped: < becomes <, > becomes >, & becomes &, " becomes ", and ' becomes '.
Why is HTML escaping important?
HTML escaping prevents Cross-Site Scripting (XSS) attacks by ensuring that user-provided content is displayed as text rather than interpreted as HTML or JavaScript code.