The String Escape/Unescape Tool helps developers safely encode and decode strings for different programming contexts. Whether you need to escape a string for inclusion in JSON, HTML, URLs, JavaScript source code, or XML documents, this tool handles all the tricky special character conversions in one place.
Step-by-Step
Paste your string — Enter the text you want to escape or unescape into the input panel.
Select the format — Choose the target format: JSON, HTML, URL (percent-encoding), JavaScript, XML, CSV, or SQL.
Choose the operation — Click Escape to encode special characters, or Unescape to decode escaped sequences back to readable text.
View the result — The escaped or unescaped string appears in the output panel with special characters highlighted.
Copy the output — Click the clipboard button to copy the result for use in your code, templates, or configuration files.
Features
Multi-Format Support — Escape and unescape strings for JSON (\n, \"), HTML (&, <), URL (%20, %3D), JavaScript (\u0041), XML ('), CSV, and SQL.
Bidirectional Conversion — Encode raw strings into escaped format, or decode escaped strings back to their original representation.
Unicode Handling — Properly handles multi-byte Unicode characters, emoji, and special symbols across all supported formats.
Escape Highlighting — Escaped characters are visually highlighted in the output so you can see exactly which characters were transformed.
Batch Processing — Process multi-line strings and large blocks of text efficiently with instant results.
Comparison View — See the original and escaped strings side by side to verify the transformation is correct.
Common Use Cases
JSON String Building — Escape user input containing quotes, backslashes, and newlines before embedding it in JSON strings.
HTML Content Safety — Encode user-generated content as HTML entities to prevent XSS attacks and rendering issues.
URL Parameter Encoding — Percent-encode query parameter values that contain spaces, ampersands, or other reserved URL characters.
JavaScript String Literals — Escape strings for inclusion in JavaScript source code, especially when building dynamic code or template literals.
SQL Query Parameters — Escape single quotes and backslashes in strings before constructing SQL queries (though parameterized queries are always preferred).
XML/SVG Content — Encode special characters for safe inclusion in XML documents, SVG files, and RSS feeds.
Why Use This Tool
String escaping is one of the most common sources of bugs and security vulnerabilities in software development. Improper escaping leads to broken JSON, XSS attacks, malformed URLs, and SQL injection. This tool supports all major escaping formats in one unified interface, making it easy to verify that your strings are properly encoded for their target context. All processing happens client-side, so sensitive strings never leave your browser.