String escaping is the process of inserting a backslash (or other marker) before characters that have special meaning inside a string literal. When a programming language parser encounters a double quote inside a double-quoted string, it treats it as the end of the string. Escaping the quote with a backslash — writing \" instead of " — tells the parser to treat it as a literal character, not a delimiter. Every language that uses string literals has escape rules, though the exact sequences differ.
The most common escape sequences map to whitespace and control characters that cannot appear directly in source code. A newline becomes \n, a tab becomes \t, and a literal backslash becomes \\. These conventions trace back to the C programming language (ISO/IEC 9899) and have been adopted by JavaScript (ECMA-262), Python, Java, Go, and Rust. JSON (RFC 8259) uses the same syntax but supports a smaller set of sequences.
Unescaping (sometimes called "de-escaping") is the reverse operation: converting escape sequences back into their original characters. This is common when reading log files, parsing API responses, or debugging data that has been double-escaped. Both operations are mechanical and error-prone when done by hand, which is why developers reach for an escape/unescape tool when working with multi-line strings, embedded quotes, or Unicode characters.
Why Use an Online String Escape Tool?
Manually adding or removing backslashes is tedious and easy to get wrong, especially with nested quotes or multi-line input. A browser-based string escape tool gives you instant results without setting up a REPL or writing throwaway scripts.
⚡
Instant conversion
Paste your text and get the escaped or unescaped result immediately. No need to open a terminal, start a REPL, or write a one-off script.
🔀
Switch between formats
Toggle between JavaScript, Python, and JSON escaping modes. Each language handles single quotes, Unicode, and control characters differently — the tool applies the correct rules automatically.
🔒
Privacy-first processing
All escaping and unescaping happens in your browser using JavaScript. Your strings are never sent to a server, which matters when you're working with API keys, tokens, or user data.
📋
No login or install required
Open the page and start pasting. There is no account to create, no extension to install, and no cookie consent wall blocking the tool.
String Escape Use Cases
Frontend Development
Escape user-generated content before injecting it into HTML attributes, inline scripts, or template literals. Prevents broken markup and XSS vectors from unescaped quotes or angle brackets.
Backend API Integration
Construct JSON request bodies with embedded strings that contain newlines, tabs, or quotes. Proper escaping prevents malformed JSON that would cause 400 errors from the receiving API.
DevOps and Configuration
Write escaped strings for JSON config files, YAML heredocs, or environment variables. A misplaced backslash in a Dockerfile ENV or Kubernetes ConfigMap can break a deployment.
QA and Test Data
Generate test strings with embedded control characters, Unicode sequences, and nested quotes. These edge-case strings are needed to verify that parsers and serializers handle special characters correctly.
Data Engineering
Clean up double-escaped data from CSV exports, log aggregators, or database dumps. Fields that pass through multiple serialization layers often accumulate extra backslashes that need to be stripped.
Learning and Debugging
Inspect how different languages represent the same string. Students and developers new to a language can compare JavaScript, Python, and JSON escaping side by side to understand the differences.
Escape Sequence Reference
The table below lists common escape sequences and whether they are supported in JavaScript, Python, and JSON. All three languages share the core set (newline, tab, backslash, double quote), but diverge on single quotes, hex escapes, and extended Unicode notation.
Sequence
Meaning
JavaScript
Python
JSON
\n
Newline (LF)
Yes
Yes
Yes
\r
Carriage return
Yes
Yes
Yes
\t
Tab
Yes
Yes
Yes
\\
Backslash
Yes
Yes
Yes
\"
Double quote
Yes
Yes
Yes
\'
Single quote
Yes
Yes
No
\b
Backspace
Yes
Yes
Yes
\f
Form feed
Yes
Yes
Yes
\v
Vertical tab
Yes
Yes
No
\0
Null character
Yes
Yes
No
\xNN
Hex byte
Yes
Yes
No
\uNNNN
Unicode (BMP)
Yes
Yes
Yes
\u{N..}
Unicode (full)
Yes
No
No
JavaScript vs Python vs JSON Escaping
While these three formats share the same backslash-based syntax, they differ in which sequences are valid and how they handle edge cases. Picking the wrong mode produces output that looks correct but fails at parse time.
JavaScript
Supports \x hex escapes, \u{...} for full Unicode range (beyond BMP), \v for vertical tab, and \0 for null. Both single and double quotes can be escaped. Template literals (backticks) avoid most escaping needs.
Python
Same core sequences as JavaScript, plus \x hex escapes and \N{name} for named Unicode characters. Raw strings (r"...") disable escape processing entirely. Single and double quotes are both escapable.
JSON
The most restrictive format. Only \" (double quote), \\, \/, \n, \r, \t, \b, \f, and \uNNNN are valid. No single-quote escaping (JSON strings always use double quotes). No hex escapes, no \v, no \0. Any control character (U+0000 through U+001F) must use \uNNNN notation.
Code Examples
Examples for escaping and unescaping strings in JavaScript, Python, Go, and the command line.
JavaScript
// Escape a string with special characters
const raw = 'Line 1\nLine 2\tTabbed "quoted"';
const escaped = JSON.stringify(raw);
// → '"Line 1\\nLine 2\\tTabbed \\"quoted\\""'
// Unescape a JSON string value
const input = '"Hello\\nWorld"';
const unescaped = JSON.parse(input);
// → "Hello\nWorld" (actual newline character)
// Template literals don't need quote escaping
const tpl = `She said "hello"`;
// → 'She said "hello"' — no backslashes needed
// Escape for use inside a RegExp
const query = 'price: $5.00 (USD)';
const safe = query.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
// → "price: \\$5\\.00 \\(USD\\)"
Python
# Escape with repr() — shows escape sequences
raw = "Line 1\nLine 2\t'quoted'"
print(repr(raw))
# → "Line 1\nLine 2\t'quoted'"
# Raw strings skip escape processing
path = r"C:\Users\name\Documents"
print(path)
# → C:\Users\name\Documents (backslashes kept literal)
# JSON escaping with json module
import json
data = 'He said "hello\nworld"'
escaped = json.dumps(data)
# → '"He said \\"hello\\nworld\\""'
# Unicode escaping
text = "Caf\u00e9" # → "Café"
print(text.encode('unicode_escape').decode())
# → "Caf\\xe9"
# Use $'...' syntax for escape sequences in bash
echo $'Line 1\nLine 2\tTabbed'
# → Line 1
# Line 2 Tabbed
# printf interprets escape sequences
printf 'Path: C:\\Users\\name\n'
# → Path: C:\Users\name
# Use jq to escape a string for JSON
echo 'He said "hello"' | jq -Rs .
# → "He said \"hello\"\n"
# Unescape JSON string with jq
echo '"Line 1\\nLine 2"' | jq -r .
# → Line 1
# Line 2
Frequently Asked Questions
What is the difference between escaping and encoding?
Escaping adds backslashes before special characters within a string literal so the language parser treats them as data, not syntax. Encoding transforms the entire string into a different representation — for example, Base64 encoding converts binary to ASCII text, and URL encoding replaces unsafe characters with percent-hex sequences. Escaping preserves readability; encoding changes the format entirely.
Why does my string have double backslashes (\\\\) instead of single ones?
Double backslashes appear when a string is escaped twice. This happens frequently when data passes through multiple serialization layers — for example, a JSON value stored inside another JSON string, or a log line that was JSON-encoded before being written to a file. To fix it, unescape the string one layer at a time until you reach the original content.
How do I escape a string for JSON in JavaScript?
Use JSON.stringify(). It wraps the string in double quotes and escapes all characters that JSON requires: backslashes, double quotes, newlines, tabs, and control characters below U+0020. If you only want the inner content without the surrounding quotes, use JSON.stringify(str).slice(1, -1).
Can JSON strings contain single quotes?
No. The JSON specification (RFC 8259) requires all strings to be delimited by double quotes. Single quotes are not valid string delimiters in JSON. While some lenient parsers accept them, any standard-compliant JSON parser will reject a string wrapped in single quotes. If your string contains a single quote character, it can appear as-is inside double-quoted JSON — no escaping needed.
What is a raw string in Python?
A raw string (prefixed with r, like r"C:\Users\name") tells the Python interpreter to treat backslashes as literal characters instead of escape markers. This is useful for Windows file paths, regular expressions, and any string where backslashes should be preserved. Note that a raw string cannot end with an odd number of backslashes, since the trailing backslash would escape the closing quote.
How do I escape Unicode characters in JavaScript?
JavaScript supports two Unicode escape forms. The \uNNNN syntax handles characters in the Basic Multilingual Plane (U+0000 to U+FFFF), such as \u00e9 for 'e with acute'. For characters outside the BMP (emoji, rare scripts), use \u{NNNNN} with up to six hex digits — for example, \u{1F600} for the grinning face emoji. The \u{'} form was introduced in ES2015.
Is string escaping related to security (XSS, SQL injection)?
Language-level escaping and security escaping serve different purposes, but the idea is the same: preventing special characters from being interpreted as code. For XSS prevention, you escape HTML entities (<, >, &). For SQL injection, you use parameterized queries instead of manual escaping. This tool handles language-level string escaping (backslash sequences), not HTML or SQL escaping.