How to Encode HTML Entities
HTML entities are escape sequences that represent special characters in HTML documents. Without proper encoding, characters like < and & can break your page or introduce security vulnerabilities. This guide covers when and how to encode them.
When You Need HTML Entity Encoding
- Displaying user-submitted content in web pages
- Writing HTML code examples in documentation
- Including special characters in HTML emails
- Embedding symbols like ©, ™, or → that may not be in the default charset
- Preventing XSS (cross-site scripting) in web applications
The Three Entity Formats
Step 1: Named Entities
Named entities use descriptive names preceded by & and ending with ;:
& → &amp;
< → &lt;
> → &gt;
" → &quot;
© → &copy;
— → &mdash;
These are the most readable, but only about 250 characters have named entities.
Step 2: Numeric (Decimal) Entities
Numeric entities use the character's Unicode code point in decimal:
& → &#38;
< → &#60;
© → &#169;
— → &#8212;
Step 3: Hex Entities
Hex entities use the hexadecimal code point, prefixed with &#x:
& → &#x26;
< → &#x3C;
© → &#xA9;
— → &#x2014;
The Five Essential Entities
At a minimum, always encode these five characters in HTML content:
- & → &amp; (ampersand — must be encoded or it starts an entity)
- < → &lt; (opens an HTML tag)
- > → &gt; (closes an HTML tag)
- " → &quot; (closes an HTML attribute)
- ' → &#39; (closes a single-quoted attribute)
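
The JavaScript below is an added example, not code from the original page: it encodes the five essential characters in any of the three formats in a single pass, and contrasts that with a chained-replace version that handles & last and so double-encodes. All function names and the sample string are constructed for illustration.

```javascript
// Added example, not code from the original page; all names are hypothetical.
const NAMED = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;',
  "'": '&#39;',            // numeric form: &apos; is not defined in HTML 4
  '©': '&copy;', '—': '&mdash;',
};

// Encode one character in the requested format: 'named', 'decimal' or 'hex'.
function entityFor(ch, format) {
  const cp = ch.codePointAt(0);
  if (format === 'decimal') return `&#${cp};`;
  if (format === 'hex') return `&#x${cp.toString(16).toUpperCase()};`;
  if (format === 'named') return NAMED[ch] || `&#${cp};`; // no name: fall back to decimal
  throw new Error(`unknown format: ${format}`);
}

// Encode the five essential characters; with allNonAscii, every non-ASCII
// code point as well. One pass over the input, so the "&" that starts an
// emitted entity is never encoded a second time.
function encodeEntities(text, { format = 'named', allNonAscii = false } = {}) {
  const pattern = allNonAscii ? /[&<>"']|[^\x00-\x7F]/gu : /[&<>"']/g;
  return String(text).replace(pattern, (ch) => entityFor(ch, format));
}

// Failure mode for comparison: chained replaces with "&" handled last
// re-encode the ampersands produced by the earlier steps.
function encodeWrongOrder(text) {
  return String(text)
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/&/g, '&amp;');
}

// Constructed sample input, standing in for user-submitted text.
const sample = `Tom & "Jerry" <b>it's</b> © 2024`;

console.log(encodeEntities(sample));
console.log(encodeEntities(sample, { format: 'hex', allNonAscii: true }));
console.log(encodeWrongOrder('a < b'));
```
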
Tips
- Most modern frameworks (React, Vue, Angular) auto-encode text content — but raw HTML via dangerouslySetInnerHTML or v-html does not
- Use our HTML Entity Encoder to quickly convert text and compare named vs numeric output
- For URL-safe encoding, use the URL Encoder instead — HTML entities and percent-encoding serve different purposes
- The Base64 Encoder is another common encoding tool for embedding binary data in HTML
FAQ
Why do I need to encode HTML entities?
Browsers interpret characters like <, >, and & as HTML markup. If you display user-generated text without encoding these characters, the browser may parse them as tags or break your page layout. Encoding converts them to safe representations like &lt; and &amp;.
What is the difference between named, numeric, and hex entities?
Named entities use human-readable names (&amp; for &). Numeric entities use decimal code points (&#38;). Hex entities use hexadecimal code points (&#x26;). All three produce the same result in browsers. Named entities are easier to read but only cover a limited set of characters.
Do I need to encode all special characters?
At minimum, you must encode &, <, >, and " in HTML content. Single quotes should be encoded in HTML attributes. Other characters like ©, ™, and em dashes are optional but recommended for maximum compatibility across character encodings.
Is HTML entity encoding the same as URL encoding?
No. HTML entity encoding (e.g., &amp;) is for displaying special characters in HTML documents. URL encoding (e.g., %26) is for including special characters in URLs. They serve different purposes and use different formats.