All Tools About Blog Code Examples MCP Server — Use tools from AI agents
Workflows Paste Anything — Smart Detector Tool Pipeline Builder Bulk / Batch Processor
JSON Tools JSON Formatter & Beautifier JSON Validator JSON to CSV Converter JSON to TypeScript Generator JSON to Python Converter JSON Flatten & Unflatten jq Playground — JSON Processor JSON Mock Data Generator JSON Schema Validator JSONPath Evaluator JSON Schema Generator JSON Patch / Diff Generator
Encoding Tools Base64 Encoder / Decoder URL Encoder / Decoder Hash Generator (MD5/SHA) JWT Decoder HTML Entity Encoder / Decoder Image to Base64 Converter String Escape / Unescape Tool ASCII / Binary / Hex Converter Protobuf Decoder — Wire Format Viewer Encoding Detective — Mojibake Repair
Formatters HTML Beautifier XML Formatter & Validator SQL Formatter & Beautifier CSS Minifier & Beautifier JavaScript Minifier & Beautifier TOML Formatter & Converter YAML Formatter, Validator & Minifier
Generators UUID Generator Password Generator QR Code Generator Lorem Ipsum Generator Cron Expression Generator chmod Calculator Slug / URL Generator .gitignore Generator
Testing Tools Regex Tester Regex Explainer — Plain English
Security Tools HMAC Generator Content Security Policy Generator SSH Key Generator SSL Certificate Decoder CORS Header Builder & Generator
Design Tools Color Picker & Converter Placeholder Image Generator SVG Path Editor & Visualizer
Comparison Tools Diff Checker / Text Compare .env Diff & Merge
Converters JSON-YAML Converter Epoch / Unix Timestamp Converter Markdown to HTML Preview Curl to Fetch/Axios Converter Tailwind CSS Converter OpenAPI to TypeScript Text Case Converter Number Base Converter CSV Viewer & Editor Date & Time Format Converter SQL to MongoDB & N1QL Converter Semver Calculator & Comparator Byte / Size Calculator URL Parser & Builder Glob to Regex Converter Math Expression Evaluator SQL DDL to TypeScript Converter Duration / Time Calculator CSS Unit Converter — px, rem, em, pt, vw, vh JSON to Go Struct Converter HTML to Markdown Converter CSV to SQL Converter SQL to ORM Converter
Reference HTTP Status Code Explorer Git Command Builder GraphQL Schema Explorer MIME Type Lookup
Text Tools Word & Character Counter Text Line Sorter, Deduplicator & Tools
Networking Tools Subnet / CIDR Calculator
DevOps Tools Nginx Config Generator Docker Compose Validator Robots.txt Generator & Validator GitHub Actions YAML Validator

String Escape / Unescape Tool

Escape and unescape strings for JSON, JavaScript, HTML, XML, URL, CSV, SQL, and regex. Free online tool.

Your data never leaves your browser
Next steps
URL Encoder HTML Entities JSON Validator Regex Tester

How to Use

  1. Select Escape or Unescape mode.
  2. Choose the target format (JSON, JavaScript, HTML, XML, URL, CSV, SQL, or Regex).
  3. Paste or type your string in the input area.
  4. The result appears instantly in the output panel.
  5. Click Copy to copy, or Swap to reverse.

Escaping by Format

JSON escaping handles double quotes, backslashes, and control characters (newlines, tabs). It follows the JSON specification (RFC 8259), converting " to \" and newlines to \n.

JavaScript escaping is similar to JSON but also handles single quotes. This is essential when building strings in JavaScript source code.

HTML/XML escaping converts <, >, &, ", and ' to their entity equivalents (&lt;, &gt;, etc.). This prevents XSS attacks and ensures proper rendering in web pages.

URL escaping (percent-encoding) converts special characters to %XX format for safe inclusion in URLs. Spaces become %20, ampersands become %26.

SQL escaping doubles single quotes and escapes backslashes to prevent SQL injection. Always use parameterized queries in production — manual escaping is a last resort.

Regex escaping prefixes metacharacters with backslashes so they match literally. Use this when building regex patterns from user input.

Related Tools

Encode URLs with the URL Encoder. Encode HTML entities with the HTML Entity Encoder. Validate JSON strings with the JSON Validator. Test regex patterns with the Regex Tester. Encode strings as Base64 with the Base64 Encoder. Convert naming conventions with the Text Case Converter. Generate URL-safe slugs with the Slug Generator.

Frequently Asked Questions

What is string escaping?
String escaping replaces special characters with escape sequences so they can be safely included in a specific context. For example, in JSON, a double quote inside a string becomes \", and a newline becomes \n.
What is the difference between escape and unescape?
Escaping converts special characters into their escaped representations (e.g., < becomes &lt; in HTML). Unescaping reverses this, converting escape sequences back to their original characters.
Why do I need to escape strings for SQL?
SQL escaping prevents SQL injection attacks by ensuring that user input cannot break out of a string literal and execute arbitrary SQL commands. Single quotes are escaped as two single quotes ('').
What does regex escaping do?
Regex escaping adds backslashes before characters that have special meaning in regular expressions (like . * + ? ^ $ { } | [ ] \ ( )). This ensures they are treated as literal characters in the pattern.
Is my data sent to a server?
No. All escaping and unescaping is done entirely in your browser. No data is transmitted.

Related Tools

Base64 Encoder / Decoder

Encode and decode Base64 strings instantly.

URL Encoder / Decoder

Encode and decode URL components safely.

Hash Generator (MD5/SHA)

Generate MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes.

JWT Decoder

Decode and inspect JSON Web Token header, payload, and claims.

HTML Entity Encoder / Decoder

Encode special characters to HTML entities or decode them back.

AI agent tools available. The CodeTidy MCP Server gives Claude, Cursor, and other AI agents access to 47 developer tools. One command: npx @codetidy/mcp

Drop file to load