πŸ’°β­πŸ“šπŸ€
v1.0.0-alpha

URL Encoder/Decoder

Encode text to URL-safe format (percent-encoded) or decode back to plain text.

About URL Encoder/Decoder

URL encoding (also called percent encoding) is the process of converting characters into a format that can be safely transmitted over the internet. Special characters, spaces, and non-ASCII characters are replaced with a % sign followed by two hexadecimal digits representing the character's ASCII code. Our URL Encoder/Decoder tool helps you encode URLs for safe transmission and decode them back to readable text, essential for web development, API integration, and SEO.

What is URL Encoding?

URL encoding is a mechanism to represent characters in URLs using only ASCII characters. According to RFC 3986, URLs can only contain a limited set of characters: letters (A-Z, a-z), digits (0-9), and a few special characters (- _ . ~). All other characters must be percent-encoded. For example, a space becomes %20, an ampersand becomes %26, and a Chinese character δ½  becomes %E4%BD%A0. URL encoding ensures that URLs are transmitted correctly across the internet, regardless of character sets, and prevents special characters from being misinterpreted as URL syntax. It's essential for query parameters, form data, API requests, and internationalized URLs.

How to Use This Tool

  • Enter or paste your text/URL in the input field
  • Click "Encode" to convert special characters to URL-safe format
  • Click "Decode" to convert percent-encoded strings back to readable text
  • Copy the result with one click
  • Handle spaces (converted to %20 or +)
  • Encode entire URLs or just query parameters
  • Support for Unicode and international characters
  • All processing happens locally - complete privacy

Common URL Encoding Use Cases

  • Query Parameters: Encode search terms and filter values (e.g., ?q=hello%20world)
  • Form Submissions: Encode form data in POST requests (application/x-www-form-urlencoded)
  • API Requests: Pass special characters safely in REST API calls
  • File Paths: Encode filenames with spaces or special characters
  • OAuth & Authentication: Encode redirect URIs and callback URLs
  • Email Links: Create mailto: links with encoded subjects and bodies
  • Social Media Sharing: Encode URLs for Twitter, Facebook share buttons
  • Internationalized URLs: Handle non-ASCII characters in URLs (Chinese, Arabic, emojis)

URL Encoding Rules

  • Unreserved Characters (safe, never encoded): A-Z, a-z, 0-9, -, _, ., ~
  • Reserved Characters (encoded in certain contexts): : / ? # [ ] @ ! $ & ' ( ) * + , ; =
  • Space: Encoded as %20 (or + in query strings for legacy compatibility)
  • Percent Sign: %25 (must be encoded when literal)
  • Non-ASCII Characters: Encoded as UTF-8 bytes (e.g., € becomes %E2%82%AC)
  • Control Characters: %00-%1F and %7F (not allowed in URLs)
  • Example: "Hello World!" becomes "Hello%20World%21"
  • Double Encoding: Avoid encoding already-encoded strings (results in %2520 for space)

URL Encoding vs Other Encodings

  • URL Encoding vs HTML Encoding: HTML uses &entity; format (&, <), URL uses %hex
  • URL Encoding vs Base64: Base64 for binary data, URL encoding for text in URLs
  • application/x-www-form-urlencoded: Form data encoding (+ for space, & separator)
  • multipart/form-data: For file uploads, doesn't use URL encoding
  • encodeURI() vs encodeURIComponent(): URI encodes full URL, URIComponent encodes parts
  • Punycode: For international domain names (IDN) like mΓΌnchen.de β†’ xn--mnchen-3ya.de
  • IRI vs URI: IRI allows Unicode directly, URI requires percent encoding

Common URL Encoding Mistakes

  • Not encoding query parameter values: "?q=hello world" should be "?q=hello%20world"
  • Double encoding: Encoding already-encoded strings creates %2520 instead of %20
  • Wrong encoding function: Using encodeURI() instead of encodeURIComponent() for parameters
  • Not encoding & and =: These are special in query strings and must be encoded in values
  • Encoding the entire URL: Only encode path segments and query values, not protocol/domain
  • Mixing + and %20: Be consistent with space encoding in query strings
  • Not handling Unicode: Non-ASCII characters must be encoded as UTF-8
  • Forgetting to decode: Always decode on server before processing

SEO and URL Best Practices

  • Use hyphens (-) instead of underscores or spaces in URLs
  • Keep URLs short and descriptive: /blog/seo-tips not /page?id=123
  • Encode special characters properly to avoid broken links
  • Use lowercase letters for consistency
  • Avoid unnecessary parameters and tracking codes
  • Use canonical URLs to prevent duplicate content issues
  • Implement 301 redirects when changing URLs
  • Use human-readable URLs (slugs) instead of IDs when possible
  • Encode international characters for global reach
  • Test encoded URLs to ensure they work correctly

Programming Implementations

  • JavaScript: encodeURIComponent(str) for parameters, encodeURI(url) for full URLs
  • Python: urllib.parse.quote(str) or quote_plus(str)
  • PHP: urlencode($str) or rawurlencode($str)
  • Java: URLEncoder.encode(str, "UTF-8")
  • C#: HttpUtility.UrlEncode(str) or Uri.EscapeDataString(str)
  • Ruby: CGI.escape(str) or ERB::Util.url_encode(str)
  • Go: url.QueryEscape(str) or url.PathEscape(str)
  • Always specify UTF-8 encoding to ensure consistent results

Frequently Asked Questions

What's the difference between %20 and + for spaces?

Both represent spaces, but in different contexts. %20 is the standard URL encoding for space and works everywhere. The + sign is an older convention used specifically in query strings (application/x-www-form-urlencoded). Modern applications should use %20 for consistency. In JavaScript, use encodeURIComponent() which produces %20, not +.

Should I encode the entire URL or just parts?

Never encode the entire URL! Only encode individual components: path segments, query parameter values, and fragment identifiers. The protocol (http://), domain (example.com), and structural characters (?, &, =) should NOT be encoded. Use encodeURIComponent() for values and encodeURI() only for full URLs that may contain special characters.

Why do I see %E4%BD%A0 for Chinese characters?

Non-ASCII characters like Chinese, Arabic, or emojis are first converted to UTF-8 bytes, then each byte is percent-encoded. The character δ½  in UTF-8 is three bytes: E4 BD A0, which becomes %E4%BD%A0. This ensures Unicode characters can be safely transmitted in URLs. Modern browsers display these as readable characters in the address bar (punycode rendering).

What is double encoding and how do I avoid it?

Double encoding happens when you encode an already-encoded string. For example, encoding "hello world" gives "hello%20world", but encoding that again gives "hello%2520world" (the % becomes %25). To avoid: check if string is already encoded before encoding, only encode user input once, and decode before re-encoding. Use libraries that handle this automatically.

Can URL encoding be decoded?

Yes! URL encoding is completely reversible. Any %XX sequence can be converted back to its original character. Use decodeURIComponent() in JavaScript, urllib.parse.unquote() in Python, or equivalent functions in your language. However, if the original had multiple spaces or special characters, you can't know their original format after encoding (all become %XX).

Is URL encoding secure?

URL encoding is NOT encryption or security! It's only for safe transmission of characters. Anyone can decode URL-encoded strings. Never use URL encoding to hide sensitive data like passwords or API keys. For security, use HTTPS (encrypts entire URL), authentication tokens, or proper encryption algorithms. URL encoding only prevents injection attacks by escaping special characters.

Why won't my URL work even after encoding?

Common issues: 1) Encoded the entire URL instead of just values, 2) Used wrong encoding function (encodeURI vs encodeURIComponent), 3) Server expecting different encoding, 4) URL too long (browsers limit to ~2000 chars), 5) Special characters in domain name (use Punycode), 6) Mixed encoding schemes. Test in a REST client like Postman to isolate the issue.

Do I need to encode hyphens, underscores, or dots?

No! Hyphens (-), underscores (_), periods (.), and tildes (~) are unreserved characters and safe to use in URLs without encoding. They will never be misinterpreted. This is why hyphens are recommended for URL slugs: /blog/seo-tips is cleaner than /blog/seo%20tips. Only encode when these characters have special meaning in your application context.

Related Tools

Base64 EncoderHTML EncoderJSON FormatterHash Generator