What is difference between unescape() and escape() functions in JavaScript?

JavaScript provides two functions for dealing with encoded strings: escape() and unescape(). The escape() function is used to encode a string, making it safe for use in a URL. The unescape() function is used to decode an encoded string.

The differences

The main difference between the two functions is that escape() encodes characters that are not ASCII, while unescape() only decodes those characters. This means that if you use escape() on a string that only contains ASCII characters, the result will be the same as the input string. However, if you use unescape() on a string that contains non-ASCII characters, the result may be different from the input string.

Use cases

The escape() function is typically used when encoding a URL parameter or path segment. For example, if you wanted to encode the string "Hello world!" for use in a URL, you would use the escape() function, like this −

var encodedString = escape("Hello world!");

The unescape() function is typically used when decoding a URL parameter or path segment. For example, if you wanted to decode the string "Hello%20world!" (which is the encoded version of "Hello world!"), you would use the unescape() function, like this −

var decodedString = unescape("Hello%20world!");

Example

Below is the full working code example −

<html>
<body>
<div id="result1"></div>
<div id="result2"></div>
<script>
var encodedString = escape("Hello world!");
var decodedString = unescape(encodedString);
document.getElementById("result1").innerHTML = "Encoded String: " + encodedString
document.getElementById("result2").innerHTML = "Decoded String: " + decodedString
</script>
</body>
</html>

Benefits

Below are the benefits of using the escape() and unescape() functions −

• The escape() function can be used to encode a string for use in a URL.

• The unescape() function can be used to decode an encoded string.

• These functions can be used to ensure that a string is safe for use in a URL.

• These functions can be used to decode a string that has been encoded for use in a URL.

Below are some of the disadvantages of using the escape() and unescape() functions −

• The escape() function is not supported in all browsers (including Internet Explorer 7 and earlier).

• The unescape() function can be used to decode malicious strings, which can lead to security vulnerabilities.

• The escape() and unescape() functions only work with ASCII characters. If you need to encode/decode a string that contains non-ASCII characters, you should use a different encoding/decoding scheme, such as UTF-8.

Conclusion

In conclusion, the escape() and unescape() functions are used to encode and decode strings, respectively. The main difference between the two functions is that escape() encodes characters that are not ASCII, while unescape() only decodes those characters. These functions can be used to ensure that a string is safe for use in a URL. However, these functions should not be used to decode strings that have been encoded with a different encoding scheme, such as UTF-8.

Note − The escape() and unescape() functions are deprecated. Use encodeURI or encodeURIComponent() and Use decodeURI() or decodeURIComponent() instead.