Escape reserved HTML characters so plain text can be embedded safely inside markup without breaking tags or attributes.
Characters encoded
The encoder replaces the five XML/HTML special characters:
| Character | Entity |
|---|---|
< | < |
> | > |
& | & |
" | " |
' | ' |
All other characters pass through unchanged, preserving Unicode text, line breaks, and spacing.
When to use it
Prepare user-supplied snippets for template insertion, sanitize display text in server-side HTML generation, or demonstrate why unescaped < in a comment field can break page layout.
Limitations
Entity encoding is not a complete XSS defense — context matters (attributes, scripts, URLs need additional rules). The tool does not encode every Unicode homoglyph or normalize whitespace. For rich HTML content, prefer a dedicated sanitizer rather than blind escaping.
Example
For example, enter the default sample values on the form and compare the output with a known reference; adjust one input at a time to see how the result changes.