& HTML

HTML Entities — When < Matters and When It Doesn't

📅 Jul 3, 2026 ⏱ 2 min read

Displaying code on a page? <div> written raw becomes an actual div. Entities are the escape hatch — and in UTF-8 days, you need fewer than you think.

The five that are mandatory

&lt;     →  <      (less-than — starts a tag otherwise)
&gt;     →  >      (greater-than)
&amp;    →  &      (ampersand — starts an entity otherwise)
&quot;   →  "      (inside double-quoted attributes)
&#39;    →  '      (inside single-quoted attributes)

The useful ones

&nbsp;    non-breaking space — keeps "₹&nbsp;500" together on line wraps
&copy; ©   &rarr; →   &times; ×   &hellip; …   &mdash; —
&#8377; ₹  (or just type ₹ — see below)

The 2026 reality

With <meta charset="UTF-8"> you can type ₹ © → 你好 emoji directly — entities are only required for the five reserved characters and useful for invisible ones (&nbsp;, &zwj;). Security note: escaping user input with these five is exactly how XSS is prevented server-side — same table, higher stakes.

← All Articles