ToolJutsu
All tools
Developer Tools

HTML Decoder

Decode HTML entities back to plain text.

Paste HTML markup or an entity-encoded string to decode it back to plain text. For the encode direction or to do both in one place, use the full HTML Encoder & Decoder.

Named entities (&,  ), decimal (©) and hex (©) numeric entities are all supported.
Processed on your device. We never see your files.

How to use HTML Decoder

What are HTML entities?

HTML entities are the escape mechanism that lets HTML carry characters that would otherwise have a special meaning in the markup. The four characters <, >, & and " all mean something structural to an HTML parser, so anywhere you want to display them as literal text in a page you write them as &lt;, &gt;, &amp; and &quot; respectively. The same mechanism is used to encode characters that were difficult to type or transmit before Unicode was universal — typographic quotes (&ldquo;, &rdquo;), arrows (&rarr;), the copyright symbol (&copy;), accented letters (&eacute;), and non-breaking spaces (&nbsp;). HTML5 defines around 250 named entities; numeric entities (decimal &#169; or hex &#xA9; for ©) can represent any Unicode codepoint, including emoji.

Why decode HTML entities?

You see HTML-encoded text in three places more than anywhere else:

  • API responses and content feeds. Many CMS-backed APIs return article bodies, comments and form-submission text with HTML entities still in place, on the assumption that the consumer will render it as HTML. If you’re processing the content as plain text (storing it in a database, running analytics on it, displaying it in a native app), you need to decode first so Don&#39;t becomes Don't.
  • Debugging escaped templates. When a web page shows literal &amp; text instead of &, something has encoded the data one too many times. Pasting the offending string here and watching it decode shows you exactly how many encoding layers are wrapped around the original — and where in your pipeline to fix the bug.
  • Examining web-scraped content. HTML scraped from a page often arrives with entities still in place, especially when extracted with a tool that pulled raw markup rather than rendered text. Decoding gives you the plain-text version a human would read.

In every case the workflow is the same: paste, read, copy.

How to decode HTML on ToolJutsu

  1. Paste your HTML-encoded text into the input box. Named entities (&amp;, &copy;, &nbsp;), decimal numeric (&#169;) and hex numeric (&#xA9;) are all accepted in the same paste.
  2. Read the result in the Decoded box. The output updates live as you type or paste — there’s no Convert button.
  3. Click the Copy button to put the decoded text on your clipboard.
  4. If you suspect double-encoding (the output still contains &something; sequences), paste the output back into the input and decode again. Each click peels off one layer.

Common scenarios

When you’re decoding an API response to display it in a native app or terminal, paste the full response in — the decoder leaves non-entity text untouched, so paragraphs of mixed entities and plain text decode cleanly without disturbing the surrounding content.

When you’re debugging an escaped template that’s rendering &amp; on the page instead of &, paste the rendered output here. If one decode brings you back to readable text, the template encoded once too many; if it takes two decodes, you’ve got double-encoding to hunt down in your CMS.

When you’re examining scraped HTML and want to extract the prose without rendering it through a full browser, this decoder gives you the same output the browser would have shown — including all the typographic quotes, em dashes and special punctuation that named entities cover.

When you need to encode rather than decode — for instance, preparing user-supplied text for safe insertion into an HTML template — use the sibling HTML Encoder. The two together let you round-trip text between escaped and unescaped forms with confidence.

Privacy

The decoder reads your input and runs it through a hidden DOM node, which is how every browser turns entity sequences back into characters. All work happens synchronously in JavaScript on your device. The page makes no network requests after the initial JavaScript loads — ToolJutsu never sees the content you paste, including any sensitive data in API responses, scraped pages or debug output.

Compatibility notes

The browser’s HTML parser is available in every desktop and mobile browser of the last 15 years, so the decoder works without polyfills in Chrome, Firefox, Safari, Edge and every mobile browser in current use. The set of recognised named entities matches the HTML Living Standard, which means anything a real web page can render through entities, this decoder can decode. If you need to decode programmatically, the same DOM-parser trick (element.innerHTML = x; return element.textContent) works in any JavaScript environment with DOM access.

Frequently asked questions

What's the difference between named and numeric HTML entities?
Named entities are mnemonic shortcuts like &amp; for &, &lt; for <, &copy; for ©, &nbsp; for a non-breaking space. Numeric entities spell out the character's Unicode codepoint — &#38; (decimal) or &#x26; (hex) for &. There are about 250 named entities defined in HTML5; numeric entities work for any Unicode character, including emoji and rare scripts. The decoder accepts all three forms — named, decimal numeric, hex numeric — because it uses the browser's own HTML parser, which is the canonical source of truth.
Are HTML entities and XML entities the same?
Mostly yes, in practice. XML defines only five predefined entities (&amp;, &lt;, &gt;, &apos;, &quot;), but in the browser's HTML parser — which is what this decoder uses — both the full HTML5 named-entity set and any numeric entity will decode correctly. If you paste XML output that uses named entities beyond those five, this decoder will still handle them; pure XML parsers may not. For decoding XML feeds, RSS, or SVG markup, this tool works fine.
Is it ever unsafe to decode HTML entities?
No — decoding is just turning escaped text back into the characters it represents. The result is plain text; it isn't executed, parsed as HTML, or rendered. The only thing to be careful about is what you do with the output afterwards: if you're going to inject the decoded text back into a web page, you may need to re-encode it (use the sibling HTML Encoder) to avoid XSS. The decode step itself is harmless.
Why do I see `&amp;amp;` in some pages?
That's double-encoding — the original & was encoded to &amp;, and then that result was encoded again, turning the & in &amp; into another &amp;. Decode once with this tool and you get &amp;; decode a second time and you get &. It's a common bug in content-management systems that run their templating engine more than once. The decoder shows you each layer one click at a time.
Is my input uploaded anywhere?
No. The decode runs entirely in JavaScript on your device using the browser's own HTML parser via a hidden DOM node — the same mechanism the browser uses to render every web page. The page loads its small JavaScript bundle once and caches it; afterwards there are no network requests, including no analytics on the content you paste. Confirm in your browser's Network tab, or disconnect Wi-Fi after the page loads and the decoder will still work.

Related tools

HTML Encoder & Decoder

Encode and decode HTML entities.

Base64 Decoder

Decode Base64 strings back to UTF-8 text in your browser.

URL Decoder

Decode percent-encoded URLs and query strings.

HTML Beautifier

Format and indent messy HTML.

Markdown to HTML

Convert Markdown into HTML.

HTML Minifier

Minify HTML markup for faster pages.