URL Encoder / Decoder

Encode or decode URL-encoded strings instantly. Free online tool for developers.

What is URL Encoding?

URL encoding, also known as percent-encoding, is a mechanism for encoding information in a Uniform Resource Identifier (URI). It converts characters into a format that can be safely transmitted over the internet. URLs can only be sent over the internet using the ASCII character set, so any characters outside this set — or characters that have special meaning in URLs — must be encoded.

When Should You Use URL Encoding?

URL encoding is essential in many web development scenarios. Here are the most common use cases:

  • Query string parameters: When passing data via GET parameters (e.g., ?name=John+Doe&city=New+York), spaces and special characters must be encoded.
  • Non-ASCII characters: Characters like Chinese, Arabic, or emoji need to be percent-encoded to be safely included in URLs.
  • Reserved characters: Characters like &, =, ?, #, and / have special meanings in URLs. If you want to use them as literal data, they must be encoded.
  • Form submissions: When forms are submitted with application/x-www-form-urlencoded, browsers automatically encode the data.
  • API requests: When building REST API calls with dynamic path segments or query parameters, encoding ensures the URL remains valid.
  • Redirects: When crafting redirect URLs that contain user-generated content, encoding prevents broken links.

Common URL Encoding Reference

Here are some commonly encoded characters and their percent-encoded equivalents:

  • Space → %20 (or + in query strings)
  • !%21
  • #%23
  • $%24
  • %%25
  • &%26
  • '%27
  • (%28
  • )%29
  • *%2A
  • +%2B
  • ,%2C
  • /%2F
  • :%3A
  • =%3D
  • ?%3F
  • @%40

encodeURI vs encodeURIComponent

In JavaScript, there are two commonly used encoding functions, and understanding the difference is important:

  • encodeURI() — Encodes a complete URI. It does not encode characters that have special meaning in a URI (, / ? : @ & = + $ #). Use this when encoding an entire URL.
  • encodeURIComponent() — Encodes a URI component. It encodes all characters except A-Z a-z 0-9 - _ . ! ~ * ' ( ). Use this for encoding individual query parameter values or path segments.

Best Practices

When working with URL encoding in your web applications:

  • Always use encodeURIComponent() for query parameter values to avoid injection vulnerabilities.
  • Be consistent with encoding across your entire application — mixing encoded and unencoded URLs can lead to double-encoding issues.
  • When decoding, use decodeURIComponent() to handle percent-encoded strings. Be aware that it throws an error on malformed input.
  • Consider using the URL and URLSearchParams APIs in modern JavaScript — they handle encoding automatically.
  • Test your URLs with both encoded and unencoded special characters to ensure your application handles edge cases gracefully.

💡 Pro Tips for Working with URL Encoding

  • Quick encoding in Chrome DevTools: Type encodeURIComponent("your string") in the Console for instant results. But for long query strings or sharing with teammates, this tool saves time.
  • Space encoding — %20 vs +: In query strings, spaces are often encoded as + (the application/x-www-form-urlencoded standard). In path segments, always use %20. This tool uses %20 by default, which works everywhere.
  • Avoid double-encoding bugs: Double-encoding is one of the most common URL bugs. If you see %25 in your output, you've encoded an already-encoded string. Always decode first with the Decode button to check what you're working with.
  • Use URLSearchParams for modern JS: Instead of manually building query strings, use new URLSearchParams({key: value}).toString() — it handles encoding automatically and is less error-prone than string concatenation.
  • Non-ASCII characters get 6-12 bytes each: A single Chinese character like 你 becomes %E4%BD%A0 (9 characters). If you're building long URLs with international text, factor this expansion into your URL length limits.

Frequently Asked Questions

Q: Why does my encoded URL still have special characters?
The encodeURI() method preserves characters like / ? & # for URL structure. Use encodeURIComponent() (which this tool uses) when you need all special characters encoded — perfect for query parameter values.

Q: Is this tool safe for sensitive URLs or API keys?
Yes. All encoding and decoding happens entirely in your browser using JavaScript. No data is ever sent to a server — you can disconnect from the internet after loading the page and it still works.

Q: I'm seeing %25 in my output — what happened?
This is double-encoding. If you encode an already-encoded string, the % sign itself gets encoded to %25. For example, hello%20world double-encoded becomes hello%2520world. Always decode first before re-encoding, or use the Decode button to check if your input is already encoded.

Q: When should I use %20 vs + for spaces?
Both represent a space character, but they're used in different contexts. %20 is the universal encoding that works everywhere — path segments, fragments, and query strings alike. The + sign comes from the application/x-www-form-urlencoded standard used by HTML forms, and only works in query strings. If your server or framework expects %20 but receives + (or vice versa), you'll get incorrect data. Our tool uses encodeURIComponent() which outputs %20 — the safe, universal choice that works regardless of context.

Q: Why does encodeURIComponent encode characters that seem safe?
encodeURIComponent encodes everything except A-Z a-z 0-9 - _ . ! ~ * ' ( ). This is by design — it's the safest option for query parameter values. Characters like @ and ! may look harmless but can break certain servers or frameworks. When in doubt, encode it.

Q: Can I use this tool to encode URLs in bulk?
Yes — paste multiple lines (one URL per line) and encode or decode them all at once. The tool preserves line breaks, so you get one encoded/decoded result per line. This is handy when you have a list of redirect URLs or API endpoints to process.

Q: How does URL encoding handle Chinese, Japanese, or emoji characters?
Non-ASCII characters are converted to UTF-8 bytes, then each byte is percent-encoded. For example, the Chinese character 工具 becomes %E5%B7%A5%E5%85%B7. One CJK character typically becomes 9 characters after encoding. Emoji work the same way — 🚀 becomes %F0%9F%9A%80. This tool handles all Unicode characters correctly, making it safe for international URLs.

Q: URL encoding vs Base64 — when should I use which?
They look similar but serve different purposes. URL encoding makes text safe for URLs by replacing unsafe characters with %XX hex codes — it's reversible and human-readable in context. Base64 encodes arbitrary binary data (images, files, tokens) into a compact ASCII string using A-Z, a-z, 0-9, +, /, and = padding. Use URL encoding for query parameters and path segments; use Base64 for embedding binary data in JSON payloads, data URIs, or JWT tokens. For Base64 work, check our Base64 Encoder — same client-side, privacy-first approach.

Why Use Our URL Encoder Tool?

Our free URL encoder/decoder provides instant, accurate encoding and decoding right in your browser. No data is sent to any server — everything happens locally for maximum privacy and speed. Whether you're debugging API calls, constructing query strings, or sanitizing user input, this tool helps you get the job done quickly.