Escaping the same string for JSON, HTML, URLs and shells
The same character means different things in JSON, HTML, URLs, shells and regex. A tour of each context's escape rules and why they differ.
Why one escape does not fit all
Escaping exists because a few characters do double duty: they can be data, or they can be instructions to whatever parser is reading the text. A double quote ends a JSON string, an ampersand starts an HTML entity, a space separates shell arguments, and a dot matches any character in a regex. Escaping is how you tell the parser to treat such a character as literal content instead of a control signal. Because each context has a different parser with a different set of special characters, the escape that is correct in one place is wrong or meaningless in another, which is exactly why this tool asks you to choose a target before it transforms anything.
String literals: JSON and JavaScript
Inside a quoted string the two characters that must be tamed are the backslash and the quote itself, because a raw backslash starts an escape sequence and a raw quote would end the string early. So a backslash becomes two backslashes and a double quote becomes backslash-quote. Control characters cannot appear literally at all, so newline, tab and their relatives are written as short escapes like \n and \t, and anything else below code point 32 becomes a \uXXXX sequence. The output here is deliberately just the inner contents, without surrounding quotes, so you can paste it between whatever quotes your language uses.
Markup and addresses: HTML and URL
HTML and URLs both carry text inside a larger syntax, but they guard against different characters. In HTML the danger is that <, > and & could be read as tags or entities, so they and the two quote characters are converted to named or numeric entities that render as the literal symbol. In a URL the danger is that characters like space, &, = or the slash have structural meaning, so encodeURIComponent replaces them with percent codes such as %20 and %26. Both are reversible, which is why the tool lets you unescape them and get the exact original text back.
Commands and patterns: shell and regex
Shell and regex escaping protect against execution rather than display. For the shell the safest approach is to wrap the value in single quotes, which suspends almost all interpretation, and then handle the one character single quotes cannot contain, the single quote itself, with the '\'' dance. For a regex the goal is to strip a string of any pattern powers so it matches itself literally, which means backslash-escaping metacharacters like the dot, plus, star and brackets. Neither transformation can be undone reliably from its output, so both are offered as escape only.