Dev Tools Encode URL Encoder/Decoder
100% client-side · No signup · Free forever

URL Encoder & Decoder

Escape special characters for URLs or decode percent-encoded strings.

1
Encode tool
URL Encoder/Decoder
Live
Text / URL
Output

URL encoding (a.k.a. percent-encoding, defined by RFC 3986) is how the web safely embeds arbitrary characters in URLs, query strings, and form-encoded request bodies. Spaces become %20 (or + in query strings), reserved characters like ?, &, and # get encoded when they appear inside a value, and non-ASCII characters are first encoded as UTF-8 then percent-escaped. This URL encoder/decoder uses the browser's native encodeURIComponent() and decodeURIComponent(), which match the WHATWG URL spec.

How URL Encoding Works

URL encoding replaces unsafe characters with %XX where XX is the two-digit hexadecimal byte value. Reserved characters that have special meaning in URLs (: / ? # [ ] @ ! $ & ' ( ) * + , ; =) are encoded when they appear inside a path segment or query value. Unreserved characters (A-Z a-z 0-9 - _ . ~) are always passed through unchanged. For non-ASCII text, the string is first encoded to UTF-8 bytes, then each byte is percent-escaped.

When to URL-Encode

  • Query string parameters?q=hello%20world&tag=foo%2Bbar.
  • Path segments — user-generated slugs containing slashes, spaces, or special chars.
  • Form submissionsapplication/x-www-form-urlencoded request bodies.
  • OAuth flows — redirect URIs and state parameters must be properly encoded.
  • Webhook URLs — encoding arbitrary IDs or tokens into callback URLs.
  • Debugging — seeing %2F in a URL? Decode it to see the actual value.

URL Encoding in Code

// JavaScript
const encoded = encodeURIComponent('hello world&foo=bar');
// => "hello%20world%26foo%3Dbar"

const decoded = decodeURIComponent('hello%20world');
// => "hello world"

// Python
from urllib.parse import quote, unquote
quote('hello world&foo=bar')   // => 'hello%20world%26foo%3Dbar'

// Shell (with python or jq)
python -c "import sys,urllib.parse; print(urllib.parse.quote(sys.stdin.read()))"

encodeURI vs. encodeURIComponent

JavaScript has two URL encoding functions: encodeURI() preserves reserved URI characters (: / ? # & =), so it's safe for encoding an entire URL; encodeURIComponent() encodes everything except unreserved characters, so it's safe for encoding a single query value or path segment. This tool uses encodeURIComponent because that's what you almost always want. For application/x-www-form-urlencoded bodies, spaces are encoded as + instead of %20 — use URLSearchParams for that case.