URL Encode/Decode
Percent-encode or decode URLs to ensure parameters are correct during network transmission.
Encode
Decode
Input Content
Output Result

                  

About URL Encoding/Decoding: Fundamentals You Need to Know

URL encoding (also called percent-encoding) is the standard mechanism for embedding special characters inside a URI. It encodes non-ASCII or reserved characters as a percent sign followed by two hexadecimal digits. Understanding the rules and common pitfalls will help you handle API parameters, links and form submissions more effectively.

#01

What Is URL Percent-Encoding?

URL percent-encoding is defined in RFC 3986. The URL specification only allows letters, digits and a small set of punctuation marks to appear literally; every other character must be "escaped" as a percent sign % followed by two hexadecimal digits.

For example, the characters "土豆" are encoded as %E5%9C%9F%E8%B1%86, and a space " " is encoded as %20 (or, for legacy form encoding, as +). The purpose is to allow arbitrary information to be transmitted reliably across ASCII-only networks.

To use our tool, just paste or type text into the input, select "Encode" or "Decode", then click "Execute" to convert.

#02

encodeURI vs encodeURIComponent — When to Use Which

Browsers expose two encoding functions, but they serve very different purposes. Here is how to choose:

  • encodeURI: encodes an entire URL. It preserves characters with special meaning, such as : / ? # [ ] @ ! $ & ' ( ) * + , ; = - . _ ~. Use this when you want to convert a complete non-ASCII URL into something transmissible.
  • encodeURIComponent: encodes a single parameter or path segment. It encodes every reserved character, so the resulting fragment is safe to place inside a query parameter, a path, or a hash. This is the most common function in backend / API development — and the default implementation used by this tool.

A widespread anti-pattern is "running the whole URL through encodeURIComponent and then pasting it into an href". Doing so encodes colons and slashes into %3A / %2F, breaking the URL entirely. The correct rule: use encodeURIComponent on parameter values only, not on the whole URL.

#03

Data Security & Privacy

URL query parameters and path segments often carry sensitive information — internal API paths, user IDs, redirect targets, and so on. Submitting them to a third-party server means they can be logged and leaked.

This tool is built around the principle of "100% frontend-only operation". Every encoding and decoding operation happens locally in your browser — no input or output is sent to any server, and nothing is persisted or cached. You can even disconnect from the network and keep using it.

For highly sensitive URLs (e.g. internal APIs, addresses with tokens), we recommend working in an offline or otherwise controlled environment, or manually redacting sensitive fields before pasting, to enforce the principle of least exposure.

📖 Want to Learn More?
Read the complete URL encoding guide: RFC 3986 deep dive, reserved / unreserved character lists, common encoding pitfalls, real-world scenarios and best practices (~10 min read)
Read Complete Guide →