{"@context":"https://obfus.link/schema/tool/v1","tool":{"name":"HTML Encoder","slug":"html-encoder","mcpToolName":"html_encoder","tier":"tier_1","tierLabel":"Tier 1 — Commodity","category":"encoders","canonicalUrl":"https://obfus.link/tool/html-encoder","endpoint":"https://obfus.link/mcp","priceMicros":8000,"tagline":"Encode and decode HTML entities with context-aware mode","atomicAnswer":"HTML Encoder converts the characters &, <, >, double-quote, and apostrophe to entities using named, numeric, or hex formats. Context-aware mode detects the embedding context (JSON, XML, URL, or raw HTML) and applies the correct escaping for that specific context, eliminating the double-encoding bugs that occur when developers apply the wrong encoding for the target context.","description":"Encodes and decodes HTML entities with named, numeric, or hex output. Context-aware mode auto-detects the embedding context (JSON, XML, URL, or raw HTML) and applies the correct escaping for that specific context — eliminating double-encoding bugs.","inputSchema":{"type":"object","required":["html","mode"],"properties":{"html":{"type":"string"},"mode":{"enum":["encode","decode"],"type":"string"},"entities":{"enum":["named","numeric","hex"],"type":"string"},"contextAware":{"type":"boolean"},"contextOverride":{"enum":["html-in-json","html-in-xml","html-in-url","html-raw"],"type":"string"}}},"outputSchema":{"type":"object","properties":{"encoded":{"type":"string"},"warnings":{"type":"array"},"entityCount":{"type":"number"},"detectedContext":{"type":"string"}}},"agenticReasoning":"USE THIS WHEN: (1) You need to safely embed HTML inside a JSON value, an XML attribute, or a URL parameter — context-aware mode applies the right escape rules so the output is valid in the target context. (2) You are decoding HTML entities back to characters in user-generated content received from an API. (3) You need to ensure no double-encoding occurs when content passes through multiple layers (JSON-encoded HTML inside a URL query, for example). DO NOT USE WHEN: the content is already properly encoded for the target context. Do not use for JavaScript string escaping — use string_escaper instead. OVER ALTERNATIVES: prefer this over manual entity replacement (misses context-specific encoding rules and produces double-encoded output) and DOM-based encoding (server-only, no MCP API).","mcpDescription":"Encodes or decodes HTML entities with optional context awareness. USE WHEN: embedding HTML in another context (JSON, XML, URL) and you need the right escape rules, or decoding HTML entities back to characters. INPUT: html string, mode (encode/decode), entity format, optional context override. OUTPUT: encoded/decoded string, detected context, entity count, warnings. COST: 1 unit.","howTo":[{"step":"Paste HTML","description":"Drop in the HTML content to encode or the entity-encoded string to decode."},{"step":"Choose mode","description":"encode converts characters to entities. decode converts entities back to characters."},{"step":"Select entity format","description":"named (&amp;), numeric (&#38;), or hex (&#x26;). Named is most readable."},{"step":"Enable context-aware (optional)","description":"Auto-detects whether HTML is embedded in JSON, XML, or URL and applies the correct escaping."},{"step":"Override context (optional)","description":"Force a specific embedding context if auto-detection picks the wrong one."},{"step":"Encode or decode","description":"Click Run or press Ctrl+Enter. Output appears with entity count and warnings."}],"faqs":[{"question":"What characters does HTML encoding affect?","answer":"The five HTML5 special characters: & (&amp;), < (&lt;), > (&gt;), \" (&quot;), and apostrophe (&#39;). Named entities use these. Numeric entities use decimal codepoints (&#38;). Hex entities use hex codepoints (&#x26;). All three are valid HTML5."},{"question":"What is context-aware encoding?","answer":"When HTML must be embedded in another format (JSON, XML, or URL), the wrong encoding causes broken output or security bugs. Context-aware mode detects the embedding context and applies JSON-string escaping inside JSON, attribute escaping inside XML, or percent-encoding inside URLs — instead of just standard HTML entities."},{"question":"When should I use named vs numeric vs hex entities?","answer":"Named entities (&amp;) are most readable and supported in HTML5. Numeric and hex entities are more compact and unambiguous in older XML/SGML contexts. Use named for human-readable output, numeric or hex for machine-to-machine pipelines."},{"question":"Does the tool warn about script content?","answer":"Yes. If the input contains <script>, on* attribute handlers, or javascript: URLs, a warning is returned alongside the encoded output. Encoding alone does not sanitize untrusted HTML — use a dedicated sanitizer (DOMPurify) for that."},{"question":"Can I use this tool via the MCP API?","answer":"Yes. The tool is registered on the obfus.link MCP server at https://obfus.link/mcp. Call it from any MCP-compatible agent with a Shared Payment Token. The MCP tool name matches the snake_case slug shown in the integration snippet."}],"workflowChains":{"live":[],"planned":[]},"tags":["html","encode","decode","entities","escape"],"tddVerified":true,"mcpCostUnits":1}}