HTML Escape / Unescape

Escape special HTML characters to prevent XSS attacks, or unescape HTML entities back to their original characters.

Raw HTML

0 charsDrop file

Escaped Output

0 chars

Related Tools

<h>

HTML Formatter

Beautify and pretty-print HTML documents with proper indentation

URL Parser

Break down any URL into protocol, hostname, path, query parameters and hash

Frequently Asked Questions

Why escape HTML characters?

Escaping HTML converts characters like <, >, &, and " into their HTML entity equivalents, preventing them from being interpreted as HTML markup. This is essential for preventing XSS (Cross-Site Scripting) attacks.

What characters are escaped?

The following characters are escaped: &, <, >, ", ', /, `, and =. These are the characters most commonly exploited in XSS attacks.

All processing happens in your browser. No data is sent to any server.