Q: Is my data secure?
Yes. All processing happens entirely in your browser. No data is ever sent to any server.
Q: Which characters are escaped?
The tool escapes the five characters that have special meaning in HTML: < (<), > (>), & (&), " ("), and ' ('). These are the characters that could cause rendering issues or security vulnerabilities if left unescaped.
Q: What is the difference between escape and unescape?
Escaping converts special characters to their HTML entity representations (e.g., < becomes <). Unescaping does the reverse, converting entities back to their original characters. Use escape when inserting user content into HTML, and unescape when extracting text from HTML source.
Q: Why is HTML escaping important for security?
Unescaped user input can lead to Cross-Site Scripting (XSS) attacks, where malicious scripts are injected into web pages. Properly escaping HTML entities ensures that user-provided content is displayed as text rather than executed as code.