String Escape & Unescape

Escaping replaces special characters with safe representations so they can be included in contexts where they would otherwise have special meaning. For example, a double quote inside a JSON string must be escaped as \" to avoid ending the string prematurely. Each format (JSON, HTML, URL, SQL) has different escaping rules.

The tool supports JSON escaping (\n, \t, \", \\), JavaScript string escaping, HTML entity encoding (< > &), URL encoding (%20 %3D %26), SQL escaping (for single quotes), CSV escaping (double-quoting), and Unicode escape sequences (\u00e9). Select the target format before escaping.

You need escaping when inserting user input into JSON payloads, building SQL queries (to prevent injection), embedding text in HTML (to prevent XSS), constructing URLs with special characters, writing strings in code that contain quotes, or preparing CSV data with commas or quotes.

Yes — paste an escaped string and the tool reverses the escaping to show the original readable text. This is useful for debugging encoded data, reading URL parameters, interpreting log files with escaped characters, or converting entity-encoded HTML back to plain text.

URL encoding (percent-encoding) replaces unsafe characters with a % followed by two hexadecimal digits representing the character's byte value. Spaces become %20 (or + in form data), & becomes %26, and = becomes %3D. Characters that are safe in URLs (letters, numbers, hyphens) are not encoded.