JSON Escape / Unescape
Escape and unescape JSON strings. Handle double quotes, newlines, tabs, and special characters for embedding JSON in HTML, JavaScript, or URLs.
Rendered Preview
About JSON Escape / Unescape
Our free online JSON Escape/Unescape tool is a specialized utility for converting between raw text and JSON-safe escaped strings. When working with JSON data in web applications, you often need to escape special characters like double quotes, newlines, tabs, and backslashes to safely embed JSON strings in HTML attributes, JavaScript code, or URLs.
The escaping process transforms problematic characters into their JSON escape sequence equivalents: double quotes (") become (\"), newlines become (\n), tabs become (\t), backslashes become (\\), and Unicode characters can be encoded as (\uXXXX) sequences. This ensures the string remains valid when embedded in JSON values, HTML attributes, or JavaScript string literals.
The unescaping process reverses these transformations, converting escape sequences back to their original characters. This is essential when receiving escaped JSON strings from APIs, reading data from databases, or parsing configuration files that contain escaped text content.
All processing happens directly in your browser, so your data never leaves your device. This ensures complete privacy and security for your sensitive data including API payloads, configuration values, and embedded scripts.
Related JSON Tools
Features
Escape Special Characters
Escape double quotes, newlines, tabs, backslashes, and other special characters for JSON compatibility.
Unescape Sequences
Reverse escape sequences back to their original characters. Handles all standard JSON escape codes.
HTML-Safe Escaping
Additional escaping for HTML special characters (< > / &) to prevent XSS when embedding in HTML.
JavaScript Escaping
Escape strings specifically for embedding in JavaScript code or script tags.
Unicode Escaping
Convert non-ASCII characters to \uXXXX Unicode escape sequences for maximum compatibility.
Live Preview
See the rendered output in real-time. Preview how the escaped string will look when rendered.
Auto-Convert
Enable auto-convert mode to transform your data automatically as you type in real-time.
Statistics
View input/output character counts, line counts, escaped character count, and size change percentage.
Privacy First
All processing happens in your browser. Your data never leaves your device, ensuring complete security.
How to Use
Paste Your Data
Paste raw text or escaped JSON string into the left input editor. Click "Sample" to load example data.
Choose Escape Mode
Select Full, Minimal, HTML-safe, or URL-safe escape mode. Customize which characters to escape using the checkboxes.
Escape or Unescape
Click "Escape" to escape special characters, or "Unescape" to convert escape sequences back to raw text.
Copy or Download
Click Copy to copy the result to clipboard, or Download to save it as a text file.
Frequently Asked Questions
What characters need to be escaped in JSON strings?
According to the JSON specification, the following characters must be escaped in string values: double quote ("), backslash (\), and control characters including newline (\n), carriage return (\r), tab (\t), backspace (\b), and form feed (\f). Additionally, any character with a code point below U+0020 must be escaped. Forward slash (/) can optionally be escaped as \/ for compatibility with older parsers.
What is the difference between escape modes?
Full mode escapes all special characters including quotes, newlines, tabs, backslashes, and HTML entities. Minimal mode only escapes double quotes and backslashes (the bare minimum for JSON). HTML-safe mode additionally escapes < > / and & characters to prevent XSS attacks when embedding in HTML. URL-safe mode converts the string to a URL-encoded format suitable for query parameters.
When do I need to escape JSON strings?
Common scenarios include: embedding JSON in HTML attributes (data-* attributes), inserting JSON into JavaScript variables (inline scripts), passing JSON as URL parameters, storing JSON in databases that require escaping, and embedding JSON in XML or other markup languages. Escaping prevents parsing errors and security vulnerabilities like XSS attacks.
What is Unicode escaping?
Unicode escaping converts non-ASCII characters (characters outside the basic Latin alphabet) into \uXXXX format, where XXXX is the 4-digit hexadecimal Unicode code point. For example, the character "é" becomes \u00e9. This is useful when you need to ensure maximum compatibility across different systems, encodings, or when transmitting data over protocols that may not handle UTF-8 correctly.
How do I escape JSON for HTML attributes?
To safely embed JSON in HTML attributes: (1) First escape the JSON string using the standard JSON escape (quotes, backslashes, newlines). (2) Then escape HTML special characters: & becomes &, < becomes <, > becomes >, and " becomes ". Use the "HTML-safe" mode in this tool to handle both steps automatically.
How do I escape JSON for JavaScript?
To embed JSON in JavaScript code: (1) Escape all backslashes first (\\ becomes \\\\). (2) Escape double quotes (\" becomes \\"). (3) Escape newlines (\n), tabs (\t), and other control characters. (4) Optionally escape forward slashes (\/) to prevent
tag injection. Use the "Escape for JS" button in this tool for one-click JavaScript-safe escaping.Is this JSON Escape/Unescape tool free?
Yes, it is completely free to use with no registration, sign-up, or limits. You can use it as many times as you need for personal, educational, or commercial projects without any restrictions.
Does it work offline?
Yes, once the page is loaded, all escaping and unescaping happens entirely in your browser using JavaScript. No server communication is needed, so you can use it even without an internet connection after the initial page load.
Is my data secure?
Absolutely. All escaping and unescaping happens directly in your browser using JavaScript. Your data is never sent to any server, stored, or logged. This ensures complete privacy and security for sensitive information like API keys, configuration values, and embedded scripts.