How JSON string escaping works
The rules behind JSON string literals: which characters must be escaped, the short escapes, backslash uXXXX, and how to embed JSON inside JSON safely.
What a JSON string may and may not contain
A JSON string is text wrapped in double quotes, but not every character is allowed to appear raw between them. The two that always need escaping are the double quote, because it would end the string early, and the backslash, because it starts an escape. Control characters below U+0020, such as a literal newline or tab, are also forbidden in raw form. Everything else, including accented letters and emoji, may appear as itself.
Short escapes versus backslash uXXXX
JSON defines a small set of two character shortcuts for common control codes: backslash b, f, n, r and t for backspace, form feed, newline, carriage return and tab. For any other control character there is the six character backslash uXXXX form, which names a code point with four hexadecimal digits. This tool prefers the readable short escapes where they exist and falls back to backslash uXXXX only when no shortcut applies.
Embedding JSON inside JSON
A frequent need is storing a JSON payload as a string field inside another JSON object, for example a webhook body saved as text. Doing that by hand is error prone because every quote and backslash in the inner document has to be doubled or protected. Escaping the inner text once produces a safe string body you can drop between quotes. Decoding it later with unescape returns the original document exactly.
Debugging broken escapes
Most JSON parse errors around strings come from a stray backslash or an unterminated escape. If a parser complains near a string, unescaping the suspect body will pinpoint the problem: a lone trailing backslash or a truncated backslash u sequence throws immediately. Fixing the source so every backslash begins a valid escape usually clears the error.