What is URL encoding?

URL encoding (also called percent encoding) is a method for converting characters that are not allowed in a URL into a safe format. Each disallowed character gets replaced by a percent sign followed by two hexadecimal digits that represent the character's byte value. For example, a space becomes %20, and an ampersand becomes %26. The URL specification (RFC 3986) defines which characters need encoding and how the encoding works.

Why do spaces become %20 in URLs?

The URL specification does not allow space characters because URLs must be a single continuous string without whitespace. When a space needs to go into a URL, it gets encoded as %20, which represents byte value 32 (hex 20) in ASCII. In HTML form submissions, spaces can also appear as + signs, but %20 is the correct encoding in all other contexts.

Is URL encoding the same as percent encoding?

Yes. Percent encoding is the official name defined in RFC 3986. URL encoding is the common name that most developers use. Both refer to the same process of replacing characters with %XX sequences. The term 'percent encoding' is more technically accurate because the same mechanism applies to URIs in general, not just URLs.

What is the difference between encodeURI and encodeURIComponent in JavaScript?

encodeURI() encodes a complete URL but leaves characters like /, ?, &, and = unencoded because they have structural roles in the URL. encodeURIComponent() encodes everything, including those structural characters, because it assumes the string will be used as a single parameter value, not as a full URL. Use encodeURI() when you have a full URL to encode. Use encodeURIComponent() when you are encoding a query parameter value.

Can URL encoding handle emojis and special Unicode characters?

Yes. Emojis and other Unicode characters outside the ASCII range get encoded as sequences of %XX pairs representing their UTF-8 byte values. The grinning face emoji, for example, requires four UTF-8 bytes and becomes %F0%9F%98%80. This tool handles all Unicode characters correctly because it uses UTF-8 as the encoding standard, which matches how modern browsers and servers process URLs.

Does URL encoding provide security or encryption?

No. URL encoding is a formatting mechanism, not a security measure. Anyone can decode a percent-encoded string by reversing the process. If you need to protect data, use proper encryption (like AES) before encoding. If you need to prevent tampering, use a signature (like HMAC). Encoding keeps data safe from parser errors, not from attackers.

Why does my URL look different after encoding and then decoding?

In most cases, encoding and then decoding returns the exact original text. However, there are a few subtle differences. Unreserved characters that you chose to encode (like encoding A as %41) decode back to the same character, but the URL is now semantically equivalent rather than byte-identical. Also, some characters have multiple valid UTF-8 representations (rare, but possible), and the decoder might normalize them differently.

When should I use URL encoding versus HTML entity encoding?

Use URL encoding when you need to put text into a URL, like a query parameter or a path segment. Use HTML entity encoding when you need to display text on a web page that might contain HTML-reserved characters like , or &. They are not interchangeable. Using URL encoding in HTML leaves %XX sequences visible on the page. Using HTML entities in a URL breaks the URL structure.

How does URL encoding work with non-Latin alphabets like Arabic, Chinese, or Japanese?

Characters from non-Latin scripts are first converted to their UTF-8 byte representation, and then each byte gets its own %XX encoding. A Chinese character typically requires three bytes, producing three %XX sequences. An Arabic letter usually takes two bytes, producing two sequences. This tool handles all of these automatically. The resulting encoded URL looks long, but browsers and servers decode it back to the original characters without any manual intervention.

URL Encoder Decoder: Encode Decode URLs with Percent Encoding Online

Free URL encoder decoder online. Encode decode URLs with percent encoding for query strings and special characters. UTF-8 percent encoding converter. No signup.

Think of a URL like a mailing address on an envelope. The postal system only understands certain characters, and if you write something it does not recognize, the letter gets lost. URLs work the same way. Browsers and servers only accept a specific set of ASCII letters, digits, and a handful of symbols. Anything outside that set, like a space, an ampersand, a Chinese character, or an emoji, must first be converted into a format the URL system can safely carry. That conversion process is called percent encoding (also known as URL encoding), and it works by replacing each problematic character with a percent sign followed by two hexadecimal digits. A space becomes %20, an ampersand becomes %26, and the letter e with an accent becomes %C3%A9. This tool performs that conversion in both directions. Paste plain text and get the encoded URL, or paste an encoded URL and get the original text back. Everything runs inside your browser, nothing gets sent to any server.

How URL Encoding Actually Works

The URL specification (RFC 3986, published in January 2005) divides characters into two groups: reserved and unreserved. Reserved characters have special jobs inside a URL. The forward slash separates path segments, the question mark marks the start of the query string, the ampersand separates query parameters, and the equals sign pairs a parameter name with its value. Unreserved characters, which include the letters A through Z (upper and lowercase), digits 0 through 9, and the hyphen, period, underscore, and tilde, have no special role and can appear as-is. Any character that falls outside the unreserved set must be percent-encoded before it goes into a URL. The encoding process takes the character, converts it to its byte representation (using UTF-8 for anything outside the ASCII range), and then represents each byte as a percent sign followed by two hex digits. The letter A needs no encoding because it sits in the unreserved set. But the space character, which the URL specification does not allow, becomes %20. The Euro sign, which requires three bytes in UTF-8 (0xE2 0x82 0xAC), becomes %E2%82%AC. One important detail: reserved characters only need encoding when they appear in a context where their special meaning would cause confusion. A forward slash in a path segment does not need encoding because it is doing its normal job of separating parts of the path. But if you want a literal slash inside a query parameter value, you must encode it as %2F so the parser does not mistake it for a path separator.

How to Use This URL Encoder

Encoding or decoding a URL takes a few seconds. There are no accounts to create, no software to install, and no limits on how many times you can use it.

Paste your text or encoded URL

Drop your plain text into the input field if you want to encode it, or paste a percent-encoded string if you want to decode it. The tool auto-detects the direction based on what you type. If your input contains % signs followed by hex digits, the decoder recognizes it and prepares to reverse the encoding.

Switch between Encode and Decode mode

Click the Encode button to convert plain text into a percent-encoded string. Click Decode to go the other direction. The output appears right away in the result field below. For example, typing 'hello world' and clicking Encode gives you 'hello%20world'. Pasting 'hello%20world' and clicking Decode gives you back 'hello world'.

Copy the result

Click the Copy button next to the output field to grab the result to your clipboard. The tool does not store your input or output anywhere. Closing the tab clears everything.

Reserved Characters and Their Encoded Forms

These are the characters the URL specification reserves for special purposes. When you need to include one of them as literal data (not as a delimiter), encode it using the form shown here. The reference list below explains each character, and the detailed tables that follow give you the full picture at a glance: reserved characters with their ASCII codes, common special characters with real-world contexts, non-ASCII Unicode examples with UTF-8 byte breakdowns, and a step-by-step walk-through showing how the encoding process actually works under the hood.

SpaceEncoded as %20. The single most common encoding. In HTML form submissions (application/x-www-form-urlencoded), spaces can also appear as +, but %20 works everywhere, in paths, queries, and fragments alike.

! (Exclamation)Encoded as %21. Technically a reserved character under older RFCs but treated as unreserved in most modern contexts. Encoding it is safe but usually unnecessary.

# (Hash)Encoded as %23. Marks the beginning of the URL fragment identifier. An unencoded # tells the browser that everything after it is a fragment, not part of the query string. If a parameter value contains a #, you must encode it or the URL gets truncated at that point.

$ (Dollar)Encoded as %24. Used in some templating systems and API frameworks as a placeholder delimiter. Encode it when it appears inside a parameter value.

& (Ampersand)Encoded as %26. Separates query parameters from each other. An unencoded & in a parameter value splits that value into two separate parameters, which breaks the request. This is one of the most common encoding mistakes.

' (Single quote)Encoded as %27. Sometimes used in parameter values. Most browsers and servers handle an unencoded single quote correctly, but encoding it avoids edge-case issues with older parsers.

( (Left paren)Encoded as %28. Part of the reserved set. Rarely needs encoding in practice but safe to encode when it appears in data.

) (Right paren)Encoded as %29. Same as left paren. Safe to encode, rarely required.

* (Asterisk)Encoded as %2A. Treated as reserved in the URI specification but often accepted unencoded. Encode it for maximum compatibility.

+ (Plus)Encoded as %2B. In form submissions, a + represents a space. If you need a literal plus sign in a query value and you leave it unencoded, the server might interpret it as a space instead.

, (Comma)Encoded as %2C. Reserved in the URI spec. Encode it when it appears in data values, especially in query parameters.

/ (Forward slash)Encoded as %2F. Separates path segments. In a query parameter value, an unencoded / usually causes no harm, but some strict parsers treat it as a path separator. Encode it to be safe.

: (Colon)Encoded as %3A. Separates the scheme (http, https) from the rest of the URL. Also used to separate the host from the port number. Encode it inside parameter values.

; (Semicolon)Encoded as %3B. Used in some URL schemes as a parameter delimiter. Encode it when it appears in data.

= (Equals)Encoded as %3D. Pairs a query parameter name with its value. An unencoded = inside a value breaks the name-value parsing. For example, 'expr=a=b' confuses the server into thinking the parameter 'expr' equals 'a' and 'b' is a new parameter with no value.

? (Question mark)Encoded as %3F. Marks the beginning of the query string. If a question mark appears inside a parameter value and you do not encode it, the parser thinks the query string starts there.

@ (At sign)Encoded as %40. Separates user credentials from the host in a URL (as in ftp://user:pass@host). Encode it when it appears as data inside a parameter.

[ (Left bracket)Encoded as %5B. Used in IPv6 addresses within URLs. Encode it in query parameter values.

] (Right bracket)Encoded as %5D. Same as left bracket. Encode it in parameter values.

% (Percent)Encoded as %25. This is the most critical one. The percent sign itself starts every encoded sequence. If you need a literal % in a URL and you do not encode it, the parser tries to read the next two characters as a hex code, which either produces the wrong character or causes an error.

RFC 3986 Reserved Characters and Their Percent-Encoded Forms

Character	Name	ASCII Code	Encoded Form	When to Encode
!	Exclamation mark	33 (0x21)	%21	Safe to leave unencoded in most contexts; encode for strict compliance
#	Number sign / Hash	35 (0x23)	%23	Must encode in query values or the browser treats it as a fragment start
$	Dollar sign	36 (0x24)	%24	Encode when it appears inside a parameter value
&	Ampersand	38 (0x26)	%26	Must encode in values or the server splits it into separate parameters
'	Single quote	39 (0x27)	%27	Usually safe unencoded, but encode to avoid edge-case parser issues
(	Left parenthesis	40 (0x28)	%28	Rarely needs encoding; safe to encode for maximum compatibility
)	Right parenthesis	41 (0x29)	%29	Same as left parenthesis; safe to encode when in doubt
*	Asterisk	42 (0x2A)	%2A	Often accepted unencoded, but encode for full RFC compliance
+	Plus sign	43 (0x2B)	%2B	Must encode in query values or servers decode it as a space
,	Comma	44 (0x2C)	%2C	Encode when it appears inside data values
/	Forward slash	47 (0x2F)	%2F	Leave unencoded in paths; encode inside query parameter values
:	Colon	58 (0x3A)	%3A	Leave unencoded after scheme; encode inside parameter values
;	Semicolon	59 (0x3B)	%3B	Encode when it appears in data values
=	Equals sign	61 (0x3D)	%3D	Must encode in values or it breaks name-value pair parsing
?	Question mark	63 (0x3F)	%3F	Must encode in values or the parser treats it as query string start
@	At sign	64 (0x40)	%40	Encode when it appears as data inside a parameter
[	Left bracket	91 (0x5B)	%5B	Used in IPv6 addresses; encode in query values
]	Right bracket	93 (0x5D)	%5D	Same as left bracket; encode in parameter values

Common Special Characters and Their Encoded Forms

Character	Name	ASCII / UTF-8	Encoded Form	Where It Appears Most Often
	Space	32 (0x20)	%20	Search queries, form fields, file names
"	Double quote	34 (0x22)	%22	JSON values, HTML attributes inside URLs
%	Percent sign	37 (0x25)	%25	Discount text, progress indicators, formatted strings
<	Less than	60 (0x3C)	%3C	HTML tags inside URLs, math expressions
>	Greater than	62 (0x3E)	%3D	HTML tags inside URLs, comparison operators
\	Backslash	92 (0x5C)	%5C	Windows file paths, escape sequences
^	Caret	94 (0x5E)	%5E	Regex patterns, exponent notation
`	Backtick	96 (0x60)	%60	Template literals, Markdown code spans
{	Left brace	123 (0x7B)	%7B	JSON objects, template variables
\|	Vertical bar	124 (0x7C)	%7C	Pipe delimiters, OR operators
}	Right brace	125 (0x7D)	%7D	JSON objects, template variables
~	Tilde	126 (0x7E)	%7E	Home directory paths (unreserved, rarely needs encoding)
\n	Newline	10 (0x0A)	%0A	Multi-line text in query strings
\r	Carriage return	13 (0x0D)	%0D	Windows-style line breaks

URL Encoding Examples for Non-ASCII and Unicode Characters

Original Character	Description	UTF-8 Bytes	Percent-Encoded	Use Case Example
e (accent)	Latin small letter e with acute	C3 A9	%C3%A9	French city names like Saint-Etienne
u (umlaut)	Latin small letter u with diaeresis	C3 BC	%C3%BC	German words like Muenchen
n (tilde)	Latin small letter n with tilde	C3 B1	%C3%B1	Spanish words like Manana
C (cedilla)	Latin capital letter C with cedilla	C3 87	%C3%87	French words like Francois
(jing)	CJK Unified Ideograph	E4 BA AC	%E4%BA%AC	Chinese city names like Beijing
(tokyo)	CJK Unified Ideograph	E6 9D B1 E4 BA AC	%E6%9D%B1%E4%BA%AC	Japanese city names
(alef)	Arabic letter Alef	D8 A7	%D8%A7	Arabic names and phrases
(omega)	Greek capital letter Omega	CE A9	%CE%A9	Greek text, scientific notation
(rupee)	Indian Rupee sign	E2 82 B9	%E2%82%B9	Currency symbols in prices
(euro)	Euro sign	E2 82 AC	%E2%82%AC	European currency values
(emoji)	Grinning Face emoji	F0 9F 98 80	%F0%9F%98%80	Social media sharing links
(emoji)	Red Heart emoji	E2 9D A4	%E2%9D%A4	Reaction links, sharing buttons

URL Encoding Step-by-Step: How the Letter Sequence "Man" Becomes Percent-Encoded

Step	Operation	Result
1	Start with the original text	M a n
2	Convert each character to its ASCII decimal value	77 97 110
3	Convert each decimal value to hexadecimal	4D 61 6E
4	Since M, a, and n are all unreserved ASCII letters, no encoding is needed	M a n (unchanged)
5	If the input were "M&n" instead, the ampersand (ASCII 38, hex 26) would become %26	M%26n
6	If the input were "M n" instead, the space (ASCII 32, hex 20) would become %20	M%20n

URL Encoding in Practice: Real Examples

Seeing encoding in action builds the intuition faster than memorizing rules. These examples cover the situations developers run into daily, from building API calls to handling user input in web forms.

Encoding a search query with spaces

A user searches for 'blue sneakers on sale'. The browser needs to send that phrase as a query parameter. The raw URL would look like: example.com/search?q=blue sneakers on sale. But spaces break URLs, so the encoder converts each space to %20. The result: example.com/search?q=blue%20sneakers%20on%20sale. The server receives the original phrase after decoding.

Encoding an ampersand in a parameter value

A product name is 'Salt & Pepper'. If you put that into a URL without encoding, it looks like: shop.com/items?name=Salt & Pepper. The server sees two parameters: 'name=Salt ' and ' Pepper' (with no value). Encoding the ampersand fixes it: shop.com/items?name=Salt%20%26%20Pepper. The %26 ensures the server reads the ampersand as part of the value, not as a delimiter.

Encoding non-English characters

A French city name 'Saint-Etienne' contains an accented e. UTF-8 represents that e as two bytes: 0xC3 and 0xA9. Percent encoding turns each byte into its own %XX form, giving %C3%A9. The full URL parameter becomes city=Saint-%C3%A9tienne. A Chinese character like Beijing's Jing requires three UTF-8 bytes: %E4%BA%AC. This tool handles all of these automatically because it uses UTF-8 as the encoding standard.

Encoding a URL inside a URL

Sometimes a URL itself becomes a parameter value. For example, a redirect URL like redirect?url=https://example.com/page?x=1&y=2. Without encoding the inner URL, the server cannot tell where the redirect parameter ends and the next parameter begins. Encoding the inner URL solves this: redirect?url=https%3A%2F%2Fexample.com%2Fpage%3Fx%3D1%26y%3D2. Every reserved character in the inner URL gets its own %XX form, so the outer parser treats the entire inner URL as a single value.

Decoding a percent-encoded string back to readable text

You receive a log entry like 'user%20clicked%20button%20%233'. Pasting that into this tool's Decode mode gives you 'user clicked button #3'. The %20 becomes a space, and %23 becomes a hash symbol. This comes in handy when debugging API logs, reading encoded query strings in analytics dashboards, or verifying that your application encodes data correctly before sending it.

When Developers Need a URL Encoder

URL encoding comes up in more situations than many developers expect. These are the scenarios where having a reliable encoder saves time and prevents bugs that are difficult to trace.

Building API requests with query parameters

REST APIs accept parameters through query strings. If a parameter value contains spaces, special characters, or non-ASCII text, that value must be encoded before the request goes out. Forgetting to encode leads to 400 errors, missing data, or silently truncated values that cause downstream bugs.

Constructing OAuth and authentication redirect URLs

OAuth flows pass redirect URLs and state parameters inside other URLs. The redirect URL itself contains slashes, colons, and question marks, all of which need encoding when embedded as a parameter value. A single unencoded character can break the entire authentication flow.

Handling user-generated content in links

If your application generates links that include user input, like a search term or a profile bio, that input might contain ampersands, hash symbols, or emojis. Encoding the user's text before inserting it into a URL prevents both broken links and potential security issues like injection attacks.

Debugging encoded URLs in server logs

Server logs record incoming request URLs in their encoded form. When you see something like '%7B%22id%22%3A42%7D' in a log, decoding it reveals the original JSON string '{"id":42}'. This tool helps you read encoded log data without writing a one-off script.

Preparing data for HTML form submissions

HTML forms use the application/x-www-form-urlencoded content type, which applies percent encoding to all field values. Understanding how your form data gets encoded helps you debug submission issues and build custom form handlers that work correctly.

URL Encoding Mistakes That Cause Bugs

Encoding errors tend to hide in plain sight. The URL looks right at a glance, but something breaks at runtime. These are the mistakes that cause the most frustration, along with clear explanations of why they happen and how to avoid them.

Double encoding

This happens when you encode a string that is already encoded. The percent signs in the first encoding get encoded again in the second pass: %20 becomes %2520 (the % turns into %25, and the 20 stays). The server then decodes only one layer and receives '%20' as literal text instead of a space. Always check whether your input is already encoded before encoding it. This tool's Decode mode helps you verify.

Forgetting to encode parameter values

The structure of a query string, the parameter names, the = signs, and the & delimiters, must remain unencoded. Only the values need encoding. In 'search=hello world', encode just 'hello world' to get 'search=hello%20world'. Encoding the equals sign or ampersand that structures the query string breaks the entire parameter parsing.

Mixing up + and %20 for spaces

In the application/x-www-form-urlencoded format (the default for HTML form submissions), spaces become + signs. But in raw URL paths and in the URL specification itself, the correct encoding for a space is %20. If you use + in a path segment, the server might not decode it. If you use %20 in a form submission, the server usually handles it correctly, but some older systems do not. Use %20 for URLs in general and + only when you specifically need form-url-encoded output.

Assuming all reserved characters need encoding

A reserved character only needs encoding when it appears in a context where its reserved meaning would cause confusion. A forward slash in a path does not need encoding because it separates path segments, which is its intended role. But that same slash inside a query parameter value should be encoded as %2F so the parser does not mistake it for a path delimiter.

Not encoding the percent sign itself

If your data contains a literal percent sign (like '50% off'), that % must become %25. Without encoding, the parser sees the % and tries to read the next two characters as a hex code. '50% off' becomes '50%20off' after partial encoding, but if the percent sign itself is not encoded, the parser reads '% o' (percent, space, o) and either errors out or produces garbage.

URL Encoding vs Other Encoding Methods

Developers often encounter multiple encoding schemes and sometimes confuse them. Each one solves a different problem, and using the wrong one leads to broken URLs, corrupt data, or security gaps. Here is how URL encoding compares to the others you are likely to encounter.

URL encoding vs Base64

URL encoding replaces only the characters that the URL specification does not allow, keeping the rest of the text readable. Base64 converts all data into a 64-character alphabet, producing output that is completely unreadable and about 33% larger than the input. Use URL encoding when you need to safely embed text in a URL. Use Base64 when you need to embed binary data (like images or encrypted tokens) in a text-based format like JSON or email.

URL encoding vs HTML entity encoding

URL encoding converts characters into %XX sequences for safe transport within URLs. HTML entity encoding converts characters into named or numbered references like & or & for safe display inside HTML documents. They solve different problems and are not interchangeable. Encoding an ampersand as %26 works in a URL but does nothing in HTML. Encoding it as & works in HTML but breaks a URL.

URL encoding vs JavaScript encodeURIComponent()

JavaScript's built-in encodeURIComponent() function does exactly what this tool does: it percent-encodes a string for safe insertion into a URL component. The difference is that this tool gives you a visual interface for quick one-off encoding tasks, while encodeURIComponent() handles encoding programmatically inside your application code. Both produce the same %XX output and both follow the UTF-8 standard for non-ASCII characters.

URL Encoding Best Practices

Following a few consistent habits when working with URL encoding prevents entire categories of bugs. These practices come from the RFC specification and from real-world debugging experience.

Always encode on the way out, decode on the way in

Encode data immediately before placing it into a URL. Decode it immediately after pulling it out. Never store data in an encoded form. If you keep encoded strings in your database or in intermediate variables, you lose track of whether a given string is encoded or not, and double encoding becomes almost inevitable.

Use a library function, not manual string replacement

Writing your own encoding logic with string.replace() calls is fragile and error-prone. Every programming language provides built-in functions for URL encoding: encodeURIComponent() in JavaScript, urlencode() in Python, encodeURIComponent() in Java, HttpUtility.UrlEncode() in C#. Use them. They handle edge cases like Unicode and mixed character sets correctly.

Test with special characters early and often

If your application builds URLs from user input, test with names and values that contain spaces, ampersands, non-English characters, emojis, and percent signs. A test suite that only uses alphanumeric strings will not catch encoding bugs. Add test cases like 'O'Brien', '50% off', 'San Jose', and a Japanese name or two.

Decode before you re-encode

If you are not sure whether a string is already encoded, decode it first and then encode the result. This guarantees you end up with a single layer of encoding regardless of the input state. Most server-side frameworks do this automatically, but it is a good habit when you are building URLs manually.

Frequently Asked Questions About URL Encoding

Related Search Terms

url encoderurl decoder onlineurl encode decodepercent encoding toolencode URL onlinedecode URL onlineurl encoding decoderencode url parametersfree url encoder decoder online no signuphow to url encode special characters in query stringurl encode decode percent encoding converter UTF-8encode URL parameters for API query stringsdecode percent encoded URL string to readable texturl encode space as percent20 or plus signonline URL encoder decoder for reserved charactersdifference between url encoding and percent encoding