URL Encoder / Decoder

Why URL Encoding Matters

URLs can only contain a limited set of ASCII characters as defined by RFC 3986. Characters like spaces, ampersands (&), question marks, non-Latin characters, and emojis must be percent-encoded before being placed in a URL. For example, a space becomes %20, an ampersand becomes %26, and the Korean character 한 becomes %ED%95%9C.

When You Need URL Encoding

• Query parameters — Building URLs like ?search=hello+world&lang=ko requires encoding values that contain special characters.
• API requests — REST API calls with user-generated content in path segments or query strings.
• Form submissions — HTML forms use application/x-www-form-urlencoded content type by default.
• Deep links — Mobile deep links and OAuth redirect URIs with nested URL parameters.
• Internationalization — URLs with non-ASCII domain names (IDN) or paths need proper encoding.

encodeURIComponent vs encodeURI

JavaScript provides two encoding functions. encodeURIComponent() (used by this tool) encodes everything except A-Z a-z 0-9 - _ . ~ ! * ' ( ) and is correct for encoding individual parameter values. encodeURI() preserves characters like :, /, ?, &, and #, making it suitable for encoding entire URLs without breaking the structure. Using the wrong function is one of the most common bugs in URL handling.

Frequently Asked Questions

Why does my URL break when I include a & character? The & character separates query parameters. If your value contains &, it must be encoded as %26 or the URL parser will split it into separate parameters.

Should I encode the entire URL? No. Only encode individual values, not the full URL. Encoding the entire URL will break the protocol (https://) and path separators (/).

URL Encoding in Different Languages

Every programming language handles URL encoding slightly differently. JavaScript: encodeURIComponent() for values, encodeURI() for full URLs. Python: urllib.parse.quote() (Python 3) or urllib.parse.urlencode() for query strings. Java: URLEncoder.encode(value, "UTF-8") — note it uses + for spaces instead of %20. PHP: urlencode() (uses + for spaces) vs rawurlencode() (uses %20). Go: url.QueryEscape() for query values, url.PathEscape() for path segments. The difference between + and %20 for spaces is a common source of interoperability bugs between systems written in different languages.

Double Encoding and Common Pitfalls

Double encoding occurs when an already-encoded string is encoded again, turning %20 into %2520. This breaks URLs and is one of the most frequent bugs in web development. It typically happens when URL-building libraries encode values that were already manually encoded. To avoid this, always encode raw values exactly once, and use high-level APIs like URLSearchParams or ORM query builders that handle encoding internally. Another common pitfall is encoding the entire URL including the protocol and path separators — only individual parameter values should be encoded, never the structural characters like ://, /, ?, or &.

URL Encoding in Different Languages

Every programming language provides URL encoding utilities, but their behavior differs in subtle ways. JavaScript: encodeURIComponent() for values, encodeURI() for full URLs. Python: urllib.parse.quote() (encodes everything except letters, digits, and _.-~) and urllib.parse.urlencode() for dictionaries. Go: url.QueryEscape() encodes spaces as + (form encoding), while url.PathEscape() encodes spaces as %20. PHP: urlencode() encodes spaces as +, rawurlencode() as %20. The space encoding difference (+ vs %20) is the most common source of cross-platform URL bugs.

Percent-Encoding Deep Dive

Percent-encoding (also called URL encoding) converts each byte of a character into %XX format, where XX is the hexadecimal byte value. ASCII characters like @ become %40 (one byte). UTF-8 multi-byte characters produce multiple percent-encoded triplets: the Euro sign (€) encodes as %E2%82%AC (3 bytes), and emojis like 😀 encode as %F0%9F%98%80 (4 bytes). RFC 3986 defines unreserved characters (A-Z a-z 0-9 - . _ ~) that should never be encoded, and reserved characters (: / ? # [ ] @ ! $ & ' ( ) * + , ; =) that must be encoded when used outside their special purpose in URL syntax.