Why are there two Bash forms?

Single-quoted strings in Bash treat everything literally except `'` itself — so we use the `'\''` close-reopen trick. Double-quoted strings interpret `$VAR`, backticks, `\\`, and `\"` — so those need backslashing. They have different escape rules and you pick based on whether you need variable expansion.

What's the difference between JavaScript and JSON?

JSON is stricter: only double quotes are allowed (no single), and the only escapes are `\\`, `\"`, `\/`, `\b`, `\f`, `\n`, `\r`, `\t`, `\uXXXX`. JavaScript also allows single quotes, template literals, hex escapes, octal escapes, and `\u{XXXX}`. Use JSON if you're producing a `.json` file; JS if you're writing a `.js` source file.

Why does the SQL format use single quotes?

Standard SQL uses single quotes for string literals; double quotes are for identifiers (table/column names). To embed an apostrophe inside a string, you double it: `it''s`. This is portable across PostgreSQL, MySQL, SQLite, and standard ANSI SQL.

String Escape Converter

Developer

Take any input string and see it escaped for all the common contexts where you might paste it: as a JavaScript string literal (handles `\n`, `\t`, `\"`, `\\`, control chars), as JSON (using the built-in `JSON.stringify`), as HTML entities (`&`, `<`, `>`, `"`, `'`), URL-percent-encoded, as a SQL single-quoted literal with doubled apostrophes, regex-escaped (special metacharacters like `.*+?(){}[]|^$\` get backslashed), Bash single- and double-quoted (each with its own escape rules), C string literal (with `\xHH` and `\uXXXX` for non-ASCII), and pure Unicode escapes for any non-ASCII characters. One input, ten ready-to-paste outputs.

—

Input (raw string)

Escaped for each context

JavaScript string

Hello \"world\"!\nLine with \'quotes\' & <html> tags.\nPath: C:\\Users\\you\\file.txt\nUnicode: 한글 日本語 🎉\nSQL danger: \'; DROP TABLE users; --

JSON.stringify

"Hello \"world\"!\nLine with 'quotes' & <html> tags.\nPath: C:\\Users\\you\\file.txt\nUnicode: 한글 日本語 🎉\nSQL danger: '; DROP TABLE users; --"

HTML entities

Hello &quot;world&quot;!
Line with &#39;quotes&#39; &amp; &lt;html&gt; tags.
Path: C:\Users\you\file.txt
Unicode: 한글 日本語 🎉
SQL danger: &#39;; DROP TABLE users; --

URL (percent-encoded)

Hello%20%22world%22!%0ALine%20with%20'quotes'%20%26%20%3Chtml%3E%20tags.%0APath%3A%20C%3A%5CUsers%5Cyou%5Cfile.txt%0AUnicode%3A%20%ED%95%9C%EA%B8%80%20%E6%97%A5%E6%9C%AC%E8%AA%9E%20%F0%9F%8E%89%0ASQL%20danger%3A%20'%3B%20DROP%20TABLE%20users%3B%20--

SQL literal (single-quoted)

'Hello "world"!
Line with ''quotes'' & <html> tags.
Path: C:\Users\you\file.txt
Unicode: 한글 日本語 🎉
SQL danger: ''; DROP TABLE users; --'

Regex (metacharacters)

Hello "world"!
Line with 'quotes' & <html> tags\.
Path: C:\\Users\\you\\file\.txt
Unicode: 한글 日本語 🎉
SQL danger: '; DROP TABLE users; --

Bash 'single-quoted'

'Hello "world"!
Line with '\''quotes'\'' & <html> tags.
Path: C:\Users\you\file.txt
Unicode: 한글 日本語 🎉
SQL danger: '\''; DROP TABLE users; --'

Bash "double-quoted"

"Hello \"world\"!
Line with 'quotes' & <html> tags.
Path: C:\\Users\\you\\file.txt
Unicode: 한글 日本語 🎉
SQL danger: '; DROP TABLE users; --"

C string literal

"Hello \"world\"!\nLine with 'quotes' & <html> tags.\nPath: C:\\Users\\you\\file.txt\nUnicode: \ud55c\uae00 \u65e5\u672c\u8a9e \U0001f389\nSQL danger: '; DROP TABLE users; --"

Unicode \uXXXX

Hello "world"!
Line with 'quotes' & <html> tags.
Path: C:\Users\you\file.txt
Unicode: \ud55c\uae00 \u65e5\u672c\u8a9e \u{1f389}
SQL danger: '; DROP TABLE users; --

All escaping is one-way (raw → escaped). To go the other direction, look for our HTML decoder / URL decoder / JSON.parse tools.

How to use

Paste your string in the input box (no quotes — just the raw characters).
Each format shows the escaped result side-by-side.
Copy whichever context matches where you're about to paste it.

Frequently asked questions

Why are there two Bash forms?: Single-quoted strings in Bash treat everything literally except `'` itself — so we use the `'\''` close-reopen trick. Double-quoted strings interpret `$VAR`, backticks, `\\`, and `\"` — so those need backslashing. They have different escape rules and you pick based on whether you need variable expansion.
What's the difference between JavaScript and JSON?: JSON is stricter: only double quotes are allowed (no single), and the only escapes are `\\`, `\"`, `\/`, `\b`, `\f`, `\n`, `\r`, `\t`, `\uXXXX`. JavaScript also allows single quotes, template literals, hex escapes, octal escapes, and `\u{XXXX}`. Use JSON if you're producing a `.json` file; JS if you're writing a `.js` source file.
Why does the SQL format use single quotes?: Standard SQL uses single quotes for string literals; double quotes are for identifiers (table/column names). To embed an apostrophe inside a string, you double it: `it''s`. This is portable across PostgreSQL, MySQL, SQLite, and standard ANSI SQL.