String Escape/Unescape
Escape and unescape strings for JSON, JavaScript, HTML, URL, Regex, and SQL.
🔤 What is String Escape?
String escaping converts characters with special meaning in programming languages or data formats into safe representations. For example, a double quote (") in a JSON string is interpreted as a string delimiter, so it must be escaped as \". This tool supports escape/unescape for 6 formats: JSON, JavaScript, HTML, URL, Regex, and SQL.
📋 Format-Specific Rules
JSON / JavaScript
Escapes \\, ", ', newlines (\\n), tabs (\\t) with backslash prefix.
HTML
Converts <, >, &, ", ' to HTML entities (< etc.).
Regex
Escapes regex special characters like . * + ? ^ $ with backslash.
SQL
Doubles single quotes ('' → '') to prevent SQL injection attacks.
Frequently Asked Questions
What happens if I skip escaping?▼
Syntax errors, data loss, or security vulnerabilities (XSS, SQL injection) can occur. User input should always be properly escaped before use.
What is the difference between JSON and JavaScript escaping?▼
JSON uses only double quotes (") as string delimiters, while JavaScript supports both single and double quotes. JavaScript also escapes \0 (null character).
How does real-time auto-conversion work?▼
Input is debounced by 300ms, automatically converting when typing stops. Changing the mode (escape/unescape) or format is reflected immediately.