JavaScript Escape
Escape special characters for safe use inside JavaScript strings.
What is JavaScript Escape?
A JavaScript escape tool rewrites characters that have special meaning inside a JavaScript string literal so the string is syntactically valid and renders correctly at runtime. The escape rules come from the ECMAScript specification: backslashes, quote marks, line terminators, and control characters must be prefixed with \, while non-ASCII characters can be left as-is in UTF-8 source or written as Unicode escapes (é, \u{1F600}).
Backend developers, template authors, and code generators use a JavaScript escaper any time they inject text into a .js file, an inline <script> block, or a JSON-in-script payload, because a stray quote or newline silently breaks parsing.
Why use a JavaScript escape tool?
- Embed user content in inline scripts safely. A newline or unescaped quote in a server-rendered string ends the literal early and breaks the script.
- Generate JavaScript source from templates. Build steps that emit JS need every dynamic string escaped, otherwise the bundle fails to parse.
- Move multi-line text into a single literal. Convert raw text with line breaks into
"line one\nline two"form for paste into single-line string assignments. - Inspect minified or obfuscated strings. Decoded escape sequences reveal what the source actually contains.
- Keep payloads local. The tool runs entirely in the browser, so internal strings, names, or partial credentials never leave your device.
How to use the JavaScript Escape tool
- Paste the raw string into the Raw string field on the left.
- Read the escaped version on the right, with control characters and quotes rewritten as backslash sequences.
- Copy the output and drop it between matching quote marks in your source file.
- Replace the input to escape a different string. The output updates as you type.
JavaScript escape sequence reference
| Character | Escape | Notes |
|---|---|---|
\ | \\ | Backslash must come first to avoid double-escaping |
" | \" | Inside double-quoted strings |
' | \' | Inside single-quoted strings |
| newline | \n | Line feed, 0x0A |
| carriage return | \r | 0x0D |
| tab | \t | 0x09 |
| form feed | \f | 0x0C |
| backspace | \b | 0x08 |
| null | \0 | Null byte |
é | é | 4-digit Unicode escape |
😀 | \u{1F600} | ES2015 code-point escape |
Examples
A multi-line message that needs to live inside a single-quoted literal:
// Raw input:
She said "hello"
on Tuesday.
// Escaped output, ready to paste between quotes:
'She said \"hello\"\non Tuesday.'A path with backslashes that must survive a JSON-in-script payload:
// Raw input:
C:\Users\Jane\app.log
// Escaped output:
"C:\\Users\\Jane\\app.log"Common use cases
- Server-side rendering of inline scripts. Frameworks that emit
<script>blocks must escape any interpolated string to prevent the closing</script>from appearing in the literal. - Code generators and migration scripts. Tools that build JavaScript from CSV, database rows, or YAML pass each string through an escaper.
- Snippet documentation. Tutorials that paste real log lines into example code escape control characters so the snippet copies cleanly.
- Debugging encoded output. When a stringified value contains literal
\ninstead of newlines, the escaper confirms the source already double-escaped.
Frequently asked questions
What characters need escaping in JavaScript strings?
Backslash, the quote character matching the literal’s delimiter, newlines, carriage returns, tabs, and other control characters. Most other ASCII and Unicode characters can appear as-is in UTF-8 source files.
Is JavaScript escape the same as HTML escape?
No. JavaScript escape protects string syntax inside a .js source file. HTML escape protects markup syntax inside an HTML document. A string that appears inside an inline <script> block usually needs both, applied in the right order.
Why escape forward slashes inside strings?
Strictly, you do not have to, but escaping </ as <\/ prevents an injected string from prematurely closing a surrounding </script> tag in inline scripts. Server-side templating engines often apply this defensively.
Does the tool handle Unicode?
Yes. Characters outside the ASCII range pass through if your source file is UTF-8. If you need pure ASCII output, the escaper can be configured to emit \uXXXX sequences instead.
What about JSON.stringify?
JSON.stringify is the correct escaper when the target is JSON. For raw JavaScript string literals, JSON output works because JSON strings are a strict subset of JS string syntax.
Related tools
- Base64 Encoder / Decoder: Convert binary data to ASCII for JSON, headers, and data URLs.
- URL Encode / Decode: Percent-encode strings for safe use in URLs.
- JWT Decoder: Split a JWT into its header, payload, and signature.
- HTML Escape / Unescape: Convert
<,>,&, and quotes to HTML entities and back.
Related tools
ShotMark captures what you do here, in one click.
The traces, payloads, and tests you run by hand? ShotMark grabs the whole bug and hands it to your AI agent.