Outils de Développement
Échapper et déséchapper les chaînes pour JSON, URL, HTML et XML avec traitement bidirectionnel
Échappeur de Chaînes / Déséchappeur
Échapper et déséchapper les chaînes pour JSON, URL, HTML et XML avec traitement bidirectionnel
Hors ligneConfidentialitéTemps réel
Échappement/Désechappement de Chaînes
Mode d'Opération
Échappe les caractères spéciaux pour les chaînes JSON et JavaScript
Texte à Échapper
Texte Échappé
Learn more about String Escaper / Unescaper
About String Escaper / Unescaper
Escape or unescape strings for different contexts: JSON, HTML entities, URL encoding, JavaScript strings, and SQL. Prevents XSS vulnerabilities, malformed JSON, and broken URLs caused by unescaped special characters.
Key features
- Escape for JSON, HTML, URL, JavaScript, and SQL
- Unescape mode to decode escaped strings
- Handles special characters, unicode, and control chars
- Shows before/after comparison
- Instant processing — no server needed
How to use String Escaper / Unescaper
- 1Paste your string into the input area
- 2Select the escaping context (JSON, HTML, URL, JavaScript, SQL)
- 3Choose Escape or Unescape mode
- 4Copy the result from the output box
Frequently asked questions
- When do I need to escape a string for JSON?
- JSON strings must escape double quotes (\"), backslashes (\\), and control characters. Unescaped special characters cause JSON parse errors.
- What is the difference between URL encoding and HTML encoding?
- URL encoding converts characters to %XX percent-encoding for use in URLs. HTML entity encoding converts characters like < and > to < and > to prevent XSS in HTML documents.
- Why are my API requests failing with special characters?
- Query parameters containing &, =, ?, #, or spaces must be URL-encoded. Use this tool to encode the values before adding them to your URL.
- Does HTML escaping prevent XSS?
- Proper HTML escaping of user-controlled content prevents most XSS attacks by ensuring characters like < > " ' are rendered as text, not as HTML markup.