Escape JSON String: Special Characters, Backslashes, and Unicode
JSON strings must escape certain characters with a backslash. Getting escaping wrong causes parse errors. The safest approach is to always let JSON.stringify() handle it — but this guide covers what it does and why, so you can debug when something goes wrong.
Characters that must be escaped
The JSON specification (RFC 8259) requires these characters to be escaped inside a string value:
| Character | Escape sequence | Notes |
|---|---|---|
Double quote " | \" | Required — terminates the string otherwise |
Backslash \ | \\ | Required — introduces escape sequences |
| Newline | \n | U+000A |
| Carriage return | \r | U+000D |
| Tab | \t | U+0009 |
| Backspace | \b | U+0008 |
| Form feed | \f | U+000C |
| Any control char | \uXXXX | U+0000–U+001F |
Forward slash / may be escaped as \/ but does not have to be. Unicode characters above U+001F do not need escaping but can be written as \uXXXX if ASCII-only output is required.
Common escaping mistakes
Unescaped backslash in Windows file paths
// ❌ Invalid
{"path": "C:UsersAliceDocuments"}
// ✅ Valid
{"path": "C:\Users\Alice\Documents"}Unescaped double quote inside a string
// ❌ Invalid
{"message": "She said "hello" to me"}
// ✅ Valid
{"message": "She said \"hello\" to me"}Literal newline instead of \n
// ❌ Invalid — actual line break inside the string
{"text": "line one
line two"}
// ✅ Valid
{"text": "line one\nline two"}Let JSON.stringify handle escaping
In JavaScript, JSON.stringify() escapes all required characters automatically. Never build JSON strings by hand.
const path = 'C:\Users\Alice'
const message = 'She said "hello"'
const multiline = 'line one\nline two'
// JSON.stringify escapes everything correctly
const json = JSON.stringify({ path, message, multiline })
console.log(json)
// {"path":"C:\\Users\\Alice","message":"She said \"hello\"","multiline":"line one\\nline two"}See the JSON.stringify tutorial for replacers, spacing, and safe circular reference handling.
Escaping for use inside HTML attributes
When embedding JSON in an HTML attribute or a <script> tag, double-escaping issues can arise. The safest pattern is to serialize server-side and inject into a <script type="application/json"> block rather than an attribute value.
<!-- Preferred: script tag injection -->
<script type="application/json" id="app-config">
{"theme":"dark","locale":"en"}
</script>
<script>
const config = JSON.parse(document.getElementById('app-config').textContent)
</script>Unicode escape sequences
Any Unicode code point can be written as \uXXXX where XXXX is the four-digit hex value. Characters outside the Basic Multilingual Plane (above U+FFFF) require a surrogate pair.
// Unicode escape for a copyright symbol
{"notice": "\u00A9 2024 Acme Corp"}
// Emoji using surrogate pair (U+1F600)
{"emoji": "\uD83D\uDE00"}In practice, modern JSON parsers handle UTF-8 directly and surrogate pairs are rarely needed unless you need pure ASCII output.
Validate your escaped JSON
Paste the JSON into Jsonic's Formatter to confirm the escaping is correct and the string values parse as expected.
Open JSON Formatter