String Escape/Unescape
Escape and unescape special characters
JavaScript Escape Sequences
| \\ | Backslash |
| \' | Single quote |
| \" | Double quote |
| \n | Newline |
| \r | Carriage return |
| \t | Tab |
Frequently Asked Questions
What is string escaping?
Adding backslashes to special characters so they're treated as literal text, not code syntax.
Why escape strings?
Unescaped characters can break syntax, cause XSS/SQL injection, or corrupt data.
What to escape in JSON?
Double quotes, backslash, newline, tab, carriage return, backspace, and form feed.
What characters need to be escaped in a JSON string?
JSON requires escaping backslash (\\), double quote (\"), and control characters (newline \n, tab \t, carriage return \r). Forward slash (/) can optionally be escaped as \/.
What is the difference between single-escape and double-escape?
Single-escape adds one level of escaping (e.g., newline becomes \n). Double-escape escapes the escape characters themselves (\n becomes \\n), needed when strings pass through multiple parsers.
When to Use String Escaping
JavaScript/JSON: When embedding strings in code or JSON data.
HTML: When displaying user input to prevent XSS attacks.
URL: When including special characters in URLs or query parameters.
SQL: When building SQL queries to prevent SQL injection (though parameterized queries are preferred).