String Escape / Unescape
Escape and unescape strings for 12 formats: JSON, HTML, XML, URL, SQL, Regex, CSV, Shell, Java/C, Python, YAML, and JavaScript.
| Character | Escaped |
|---|---|
| " | \" |
| \ | \\ |
| newline | \n |
| tab | \t |
| carriage return | \r |
| form feed | \f |
| backspace | \b |
| unicode | \uXXXX |
What is String Escaping?
String escaping converts special characters into escape sequences that are safe for use in specific contexts — JSON strings, HTML entities, URL encoding, SQL queries, regex patterns, and more. Unescaping reverses the process. This tool supports 12 formats including JSON, HTML, URL, XML, CSV, JavaScript, Python, Java, SQL, regex, Base64, and Unicode.
Common Use Cases
- •Escaping strings for safe inclusion in JSON payloads
- •Converting special characters to HTML entities
- •Preparing strings for SQL queries (preventing injection)
- •Escaping regex special characters in search patterns
- •Converting between different escape formats
Frequently Asked Questions
Why do strings need escaping?
Special characters like quotes, backslashes, angle brackets, and ampersands have meaning in programming languages and data formats. Escaping replaces them with safe representations so they're treated as literal text, not syntax. Failing to escape can cause bugs or security vulnerabilities like XSS and SQL injection.
What is the difference between encoding and escaping?
Escaping adds a prefix character (like backslash) to indicate a literal interpretation. Encoding transforms the character into a different representation (like %20 for space in URLs or & for & in HTML). Both solve the same problem with different approaches.