URL Encoder & Decoder
Encode and decode URL parameters, query strings, and full URLs instantly. Converts special characters, spaces, and non-ASCII text to percent-encoded format (%20, %26, etc.) and back. Essential for building API requests, handling query parameters, fixing broken links, and working with redirects. All processing is in-browser.
Common URL Encoded Characters
| Character | URL Encoded | Description |
|---|---|---|
| Space | %20 | Space character in URLs |
| & | %26 | Separates query parameters |
| = | %3D | Assigns values in query strings |
| ? | %3F | Starts the query string |
| # | %23 | Marks fragment identifier |
| + | %2B | Plus sign |
| % | %25 | Percent sign itself |
| / | %2F | Path separator |
| @ | %40 | Email addresses or usernames |
| : | %3A | Protocol separator |
What is URL Encoding?
URL encoding (also called percent-encoding) converts characters that are not allowed in a URL into a safe format. Each unsafe character is replaced with a % followed by two hexadecimal digits representing the character's ASCII or UTF-8 code.
For example, a space becomes %20, and & becomes %26. This ensures the URL can be safely transmitted and interpreted by browsers and servers.
Common Encoded Characters
| Character | Encoded | Usage |
|---|---|---|
| Space | %20 | Spaces in parameter values |
| & | %26 | Separates query parameters |
| = | %3D | Assigns values in query strings |
| + | %2B | Plus sign in parameter data |
| # | %23 | Hash — reserved for fragments |
| ? | %3F | Query string start character |
Tips & Tricks
- Encode individual parameter values, not the entire URL
- Use
encodeURIComponent()in JavaScript for query values - Use
encodeURI()for full URL encoding (preserves /, ?, &) - In form data, spaces can be encoded as
+instead of %20 - Non-ASCII chars (Unicode) need UTF-8 encoding before percent-encoding
Common URL Encoding Use Cases
Query Strings
Encode values in URL query parameters so special characters are transmitted safely.
API Requests
Encode search terms, filters, and data before appending them to API endpoints.
Redirects
Encode redirect_uri parameters in OAuth flows and SSO configurations.
Form Data
Properly encode form submission data for POST requests with special characters.
Frequently Asked Questions
Related Tools
URL Encoding and the Structure of Web Addresses
URLs can only contain a limited set of ASCII characters. Any character outside this safe set — including spaces, unicode characters, and reserved symbols like &, =, and # — must be percent-encoded before being placed in a URL. Percent-encoding replaces each unsafe byte with a percent sign followed by its two-digit hexadecimal representation. A space becomes %20, an ampersand becomes %26, and a forward slash becomes %2F. This encoding is defined by RFC 3986 and is fundamental to how the web works — every form submission, API call, and redirect URL relies on properly encoded parameters.
When and Why URL Encoding Matters
Incorrect URL encoding is one of the most common causes of broken API calls, failed redirects, and security vulnerabilities. Double-encoding (encoding an already-encoded string) produces garbled URLs. Under-encoding (passing raw special characters) causes parameter injection and URL splitting attacks. Query parameters with values containing & or = must be encoded to prevent the browser from interpreting them as parameter delimiters. OAuth callback URLs, webhook endpoints, and deep links are particularly sensitive to encoding errors. Our tool encodes and decodes both individual components and full URLs, showing the transformation in real time.
URL Encoding in APIs and Security
In API development, URL encoding is critical for building safe query strings, path parameters, and form data. JavaScript provides encodeURIComponent() for encoding individual values and encodeURI() for encoding full URLs — confusing the two is a common source of bugs. For encoding binary data in URLs, Base64URL encoding is preferred. Explore the Base64 Tool for encoding data, the JWT Decoder for inspecting URL-safe tokens, and the API Request Builder for testing endpoints. Check domain configuration with the DNS Lookup. Explore all tools on the homepage.