Convert HTML Entities to ASCII
Decode HTML entities to ASCII safely - named, decimal, hex. ASCII-only enforcement. Batch breakdown. Free, offline, client-side, instant.
Decode named (<), decimal (A), and hex (A) HTML entities back to text. XSS-safe - never renders HTML. Optional ASCII-only enforcement flags non-ASCII decodes with [U+XXXX].
How to Use Convert HTML Entities to ASCII
- Paste text containing entities - named (
<,©, ), decimal (©), or hex (©). All three forms decode in one pass. The tool handles the full HTML5 named-entity list because it uses the browser's native parser. - Choose ASCII-only mode - off by default (full Unicode output). On, any decoded character outside printable ASCII (0x20-0x7E) plus
n r tbecomes[U+XXXX]. Useful when the downstream system really is ASCII-only (old terminals, CSV fields, fixed-width formats). - Hit Decode - or just type; the 200 ms debounce handles it. Ctrl+Enter (⌘+Enter on Mac) forces an immediate recalc. Output appears in the read-only pane below.
- Check the breakdown - each detected entity is listed with its type tag (named/decimal/hex), raw form, arrow, decoded character, and Unicode code point. First 60 shown; more summarized below.
- Read the stats - total entities + type split + ASCII vs non-ASCII character counts. If ASCII-only is on and non-ASCII count > 0, you know exactly how many placeholders you got.
- Copy or download - Copy uses async Clipboard API with fallback; Download saves as
decoded.txtin UTF-8. Unknown entities like&bogus;stay as literal text in the output, never silently dropped.
Frequently Asked Questions
Is the decoding XSS-safe?
Yes. We use a detached <textarea>‘s .value property, which triggers the browser’s entity decoder without ever parsing your input as HTML. <script>alert(1)</script> in the input comes out as literal <script>alert(1)</script> text – not an executed script.
Does it support all HTML5 named entities?
Yes. Because we delegate to the browser, everything the HTML5 spec recognizes – over 2,200 named entities from Á to ‌ – decodes correctly. No hand-rolled entity map to fall out of date.
What does ASCII-only mode do?
It walks the decoded output code point by code point. Anything outside printable ASCII (0x20-0x7E) or the common whitespace trio (n r t) is replaced with [U+XXXX] – e.g., © becomes [U+00A9], 😀 becomes [U+1F600]. Ideal for pipelines that must emit strict ASCII.
How does it handle unknown entities like &bogus;?
They’re preserved verbatim in the output. The tool never silently drops input. You’ll see them listed in the breakdown with type “unknown”, so you can spot typos like } (not a standard entity; the correct one is } or just }).
What about numeric entities in hex?
Both © and © work (case of the x is flexible). Any number of hex digits is accepted: 😀 for emoji works. The breakdown tags these as “hex” to distinguish from decimal ©.
Can I decode double-encoded HTML like &lt;?
One pass per decode. &lt; decodes to < (one level stripped). Paste that back in and run again to get <. This is intentional – auto-looping would break legitimate inputs where & is the end state.
Is my input sent anywhere?
No. Everything runs in your browser. No fetch, no XHR, no server. Open DevTools → Network, decode 10 MB of entities, watch zero requests fire. Safe for scraped data, customer PII, or security-sensitive logs.
Does it work offline?
Yes. Once the page loads, disconnect Wi-Fi and keep decoding. The whole tool (HTML + CSS + JS) is under 20 KB. Bookmark and use on air-gapped machines.
How big an input can it handle?
Typical inputs decode in under 50 ms. 100 KB of entity-heavy HTML decodes in roughly 20 ms on a modern laptop. The breakdown panel caps at 60 rows for DOM responsiveness; the output textarea and stats always reflect the full decode.
Can I go the other way – ASCII text to HTML entities?
Use the companion ASCII-to-HTML-entities encoder in the Ascii category. That tool takes plain text and escapes every character that needs it for safe HTML embedding, with options for “minimal” (< > & " ' only), “all non-ASCII”, or “everything”.