Skip to main content

html-entity-counter

HTML entities are escape sequences for special characters: & for &, < for <, > for >, " for ", β˜ƒ for β˜ƒ. Counting entities is useful for HTML migration audits ("did we escape everything?"), email-template inspection, and security review (are <script> tags being properly entity-escaped?). The ZTools HTML Entity Counter parses any text, lists every named and numeric entity it finds with frequency, and shows the resolved character for each.

Use cases​

Audit a template for escape consistency​

A template uses & in some places and & in others. Counter highlights the mismatch.

Check user-generated content for unescaped special chars​

After a sanitiser runs, count entities. Too few = sanitiser missed cases. Too many = over-escaping.

Migrate from HTML to Markdown​

Markdown rarely needs entities. Counter shows what to convert back to plain chars.

Decode hex / decimal numeric entities​

β˜ƒ β†’ β˜ƒ (snowman). Counter shows the resolved char alongside the count.

How it works​

  1. Paste HTML / text β€” Any text containing entities.
  2. Scan β€” Regex matches &name; (named), &#NNN; (decimal), &#xHHHH; (hex). Each match decoded.
  3. Count β€” Frequency table per unique entity. Top entities highlighted.
  4. Display β€” Table: entity, decoded char, count. Plus total entity count and total chars.

Examples​

Input: "This & that <tag>"

Output: Entities: & (1, decodes to &), < (1, <), > (1, >). Total: 3.

Input: Mixed: "Β© 2026 β€” β˜ƒ"

Output: Β© β†’ Β©, β€” β†’ β€”, β˜ƒ β†’ β˜ƒ. 3 entities.

Input: Entity-stuffed text

Output: Counter helps spot if entities are being doubly-encoded (&amp; means & got escaped twice).

Frequently asked questions​

Doubly-encoded entities?

When &amp; appears, it means a sanitiser ran twice. Tool flags suspicious patterns like &quot; (escape of ").

Numeric vs named entities?

Named (Β©, β€”) more readable; numeric (Β©, β€”) more universal. Tool decodes both.

Maximum text size?

Several MB works fine. The regex scan is O(n).

Privacy?

All in browser.

Tips​

  • For HTML output, use named entities for readability β€” Β© beats Β©.
  • For email HTML, more conservative β€” use entities for any non-ASCII char to avoid encoding mismatches.
  • For Markdown migration, decode all entities first β€” Markdown handles plain chars natively.
  • Doubly-encoded entities (&amp;) are a security smell β€” investigate the sanitisation pipeline.

Try it now​

The full html-entity-counter runs in your browser at https://ztools.zaions.com/html-entity-counter β€” no signup, no upload, no data leaves your device.

Open the tool β†—

Last updated: 2026-05-06 Β· Author: Ahsan Mahmood Β· Edit this page on GitHub