XML Escape
Escape or unescape XML special characters. Converts &, <, >, ", and ' to their XML entity equivalents and back.
DevForge is free and ad-supported. Buy me a coffee if it saved you time.
How to Use This Tool
Paste your string into the input, select Escape or Unescape, then click the button. Escape converts &, <, >, " and ' to XML entity references. Unescape converts entity references back to raw characters.
Common Use Cases
- Safely embed user text inside XML element content or attributes
- Decode XML entity references back to plain text
- Prevent XML injection when building XML documents programmatically
Frequently Asked Questions
Which characters are escaped?
The five XML predefined entities: & → &, < → <, > → >, " → ", and ' → '. The ampersand must be escaped first to avoid double-escaping.
Why do I need to escape XML?
XML parsers interpret &, <, and > as markup. If your data contains these characters, you must escape them so they are treated as literal text rather than XML syntax.
Is my data sent to a server?
No. All processing happens in your browser. Your data never leaves your machine.