What Is URL Encoding?
URL encoding, also known as percent-encoding, converts unsafe characters into a format that can be safely transmitted over the internet. URLs can only contain a limited set of characters. Any character outside the allowed set, such as spaces, special symbols, or non-ASCII characters, must be encoded as a percent sign followed by two hexadecimal digits.
This encoding is essential for web forms, query parameters, and any data embedded in URLs. Without it, spaces would break URL parsing and special characters like ? and & would be interpreted as URL syntax rather than data.
What This Tool Does
This tool encodes plain text into URL-safe percent-encoded format and decodes percent-encoded strings back to their original form. It uses the standard encodeURIComponent and decodeURIComponent JavaScript functions, which handle the full UTF-8 character set including Unicode characters.
- Encode inputs: Any plain text string, including spaces, symbols, and Unicode characters
- Encode outputs: A percent-encoded string where unsafe characters are represented as %XX
- Decode inputs: A percent-encoded string
- Decode outputs: The original plain text
How the Encoding Works
URL encoding replaces each unsafe character with a percent sign followed by its byte value in hexadecimal. The UTF-8 encoding is used for non-ASCII characters, which may result in multiple percent-encoded bytes for a single character.
Space → %20
Hello World → Hello%20World
café → caf%C3%A9 (UTF-8: é = C3 A9)
? → %3F
Characters that are safe and do not require encoding include alphanumeric characters (A-Z, a-z, 0-9) and a few special characters like hyphen (-), underscore (_), period (.), and tilde (~). All other characters must be percent-encoded.
How to Use the Tool
- Select the URL Encode tab to convert plain text for safe use in URLs
- Paste or type your text in the input area
- Click Encode to see the percent-encoded output
- Use the Copy button to copy the result to your clipboard
- Switch to the URL Decode tab to convert a percent-encoded string back to plain text
- Paste the encoded string and click Decode
Example Encoding
Example 1: Simple String with Spaces
The string "Hello World" encodes to "Hello%20World". The space character, which is not allowed in URLs, is replaced with %20. This is the most common use case when embedding user input into query parameters.
Example 2: Complex Query Parameter
The string "price >= $100 & discount < 10%" encodes to "price%20%3E%3D%20%24100%20%26%20discount%20%3C%2010%25". Every special character (>=, $, &, <, %) is percent-encoded so the parameter value is preserved when transmitted as part of a URL.
Example 3: Unicode Characters
The string "Café au lait" encodes to "Caf%C3%A9%20au%20lait". The é character is encoded as two bytes (C3 A9) in UTF-8, resulting in %C3%A9. This ensures the character is correctly decoded by the receiving server regardless of the encoding assumptions.
Real-World Scenarios
Web Form Submissions
When a user submits a web form with special characters, the browser automatically URL-encodes the data before sending it to the server. Developers use this tool to manually construct form data or debug encoding issues when the automatic encoding does not behave as expected.
API Query Parameters
REST API calls often include dynamic data in query parameters. For example, a search API might accept a query parameter that includes spaces and symbols. URL encoding ensures the API receives the exact value intended, not a malformed request.
Redirect URLs and Deep Links
When redirecting a user to another URL and passing along parameters, the target URL itself must be encoded as a parameter value. Without encoding, the question mark and ampersand in the target URL would be misinterpreted as part of the redirect URL's structure.
Why This Tool Matters
Incorrect URL encoding is a common source of bugs and security vulnerabilities. Spaces can truncate parameters, special characters can break URL parsing, and unencoded input can lead to injection attacks. This tool helps developers verify that their data is properly encoded before transmission.
Common Mistakes to Avoid
- Encoding the entire URL instead of just the parameters: Only parameter values and path segments containing unsafe characters should be encoded. The URL structure (protocol, domain, slashes, question marks, ampersands) must remain intact
- Using encodeURI instead of encodeURIComponent: encodeURI leaves characters like ?, &, and = unencoded because they are part of URL syntax. For parameter values, always use encodeURIComponent
- Double-encoding: Encoding an already-encoded string produces incorrect results. Always decode from the original percent-encoded value rather than encoding an already-encoded value
- Assuming plus signs are spaces: Some legacy systems use + for spaces (application/x-www-form-urlencoded). Standard URL encoding uses %20. This tool uses %20 as per the URL specification