


Definition
HTML entities are special codes used to represent reserved characters and special symbols in HTML. For example, &lt; displays as <, &amp; displays as &, and &copy; displays as the copyright symbol. Entities prevent browsers from interpreting characters as HTML markup.
In HTML, certain characters have special meaning: < and > delimit tags, & starts entity references, and " delimits attribute values. To display these characters as text content, they must be encoded as entities: &lt; &gt; &amp; &quot;. Without encoding, a < character would be interpreted as the start of an HTML tag, potentially breaking the page or creating security vulnerabilities.
HTML entities come in three forms: named entities (&amp; &lt; &gt; &copy;), decimal numeric entities (&#38; &#60; &#62;), and hexadecimal numeric entities (&#x26; &#x3C; &#x3E;). Named entities are readable but only a subset of Unicode characters have names. Numeric entities can represent any Unicode character.
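The encoding rule and the three entity forms described above, as an added example that is not part of the original page. All function names and the sample string are constructed for illustration, and the name table covers only the entities mentioned here.

```javascript
// Added example; all names (NAMES, escapeHtml, entityForms, decodeEntity,
// renderComment) are illustrative. Small table of named entities from the text.
const NAMES = new Map([['amp', '&'], ['lt', '<'], ['gt', '>'], ['quot', '"'], ['copy', '\u00A9']]);
const BY_CHAR = new Map([...NAMES].map(([name, ch]) => [ch, `&${name};`]));

// Encode text for element content or a double-quoted attribute value.
// One pass over the input, so the "&" of an emitted entity is never re-encoded.
function escapeHtml(text) {
  return String(text).replace(/[&<>"]/g, (ch) => BY_CHAR.get(ch));
}

// The three equivalent forms for one character; named is null when this
// table has no name for it (numeric forms exist for every code point).
function entityForms(ch) {
  const cp = ch.codePointAt(0);
  return {
    named: BY_CHAR.get(ch) ?? null,
    decimal: `&#${cp};`,
    hex: `&#x${cp.toString(16).toUpperCase()};`,
  };
}

// Decode one entity reference in any of the three forms; null if it is
// malformed, out of the Unicode range, or a name missing from NAMES.
function decodeEntity(entity) {
  const m = /^&(?:#[xX]([0-9a-fA-F]+)|#([0-9]+)|([A-Za-z][A-Za-z0-9]*));$/.exec(entity);
  if (!m) return null;
  if (m[3]) return NAMES.get(m[3]) ?? null;
  const cp = m[1] ? parseInt(m[1], 16) : parseInt(m[2], 10);
  return cp <= 0x10ffff ? String.fromCodePoint(cp) : null;
}

// Insert user-supplied text into a fragment, with and without encoding.
function renderComment(text, encode) {
  return `<p>${encode ? escapeHtml(text) : text}</p>`;
}

// Constructed sample input containing all four reserved characters.
const sample = '<b>Tom & Jerry</b> said "hi"';
console.log(renderComment(sample, false)); // markup in the input is live
console.log(renderComment(sample, true));  // markup in the input is inert text
console.log(entityForms('<'), decodeEntity('&#x3C;'));
```

Text that already contains an entity, such as &lt;, is encoded again to &amp;lt; so that it displays literally instead of being decoded by the browser.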
Proper HTML encoding is critical for security. Failing to encode user-supplied content before inserting it into HTML enables Cross-Site Scripting (XSS) attacks. An attacker could inject