Free URL Encode and Decode

Mastering URL Encoding (Percent-Encoding)

URLs can only be sent over the Internet using the ASCII character-set. Because URLs often contain characters outside the ASCII set (like spaces, foreign languages, or special symbols), the URL must be converted into a valid ASCII format. Our URL Encoder/Decoder safely transforms these characters into a "%" followed by two hexadecimal digits.

Common Real-World Scenarios

  • API Query Parameters: When sending search queries or user input to a backend (e.g., ?q=shoes & shirts must become ?q=shoes%20%26%20shirts).
  • Deep Linking in Mobile Apps: Passing a fallback URL inside another URL (e.g., https://app.com/login?redirect=https%3A%2F%2Fapp.com%2Fdashboard).
  • Email Marketing: Ensuring UTM parameters with spaces or special characters don't break the link when clicked from an email client.

encodeURI vs encodeURIComponent

In JavaScript, developers often confuse these two native functions. Our tool acts as encodeURIComponent, which is usually what you want. Here is the difference:

  • encodeURI(): Used to encode an *entire* URL. It ignores protocol prefixes and domain separators like :, /, ?, and &.
  • encodeURIComponent(): Used to encode a *piece* of a URL (like a query parameter). It encodes everything, including / and &. If you use this on a full URL, it will break the link.

Real-World Examples

  • Handling Spaces: Hello WorldHello%20World
  • Handling Emails: user@example.comuser%40example.com
  • Handling Complex Data (JSON in URL): {"id":1}%7B%22id%22%3A1%7D

Edge Cases to Watch Out For

  • The Plus Sign (+) vs %20: Historically, spaces in URL query strings were encoded as +. However, modern percent-encoding strictly uses %20 for spaces. If you decode a URL and see + signs instead of spaces, it's a legacy encoding quirk.
  • Double Encoding: If you accidentally encode a string twice, %20 becomes %2520 (because the % itself gets encoded to %25). Always ensure you decode fully before re-encoding.

When NOT to use this

Do not use URL encoding for encrypting sensitive data like passwords or tokens. URL encoding is purely a formatting standard, not a security measure. Anyone can decode it instantly. For security, use HTTPS and transmit sensitive data in the request body (POST), not in the URL.

Explore More URL Tools

URL Slug Generator
Free Online URL Parser

Frequently Asked Questions

How to encode a URL?

Paste your text into the input box, select 'Encode,' and the tool will replace special characters (like spaces or symbols) with their percent-encoded equivalents (e.g., %20 for a space). Use UTF-8 for non-ASCII characters.

How to decode URL parameters?

Paste the encoded URL into the input box, select 'Decode,' and the tool will convert percent-encoded characters (like %3A) back to their original symbols (e.g., :).

What does %21 mean in a URL?

%21 represents the exclamation mark (!) in percent-encoding. Reserved characters like ! are encoded to avoid conflicts with URL syntax.

What is data URL encoding?

Data URL encoding embeds files (like images) directly into URLs using Base64. While different from standard percent-encoding, our tool focuses on URI-safe encoding for web links.

Why do spaces become %20 in URLs?

Spaces are not allowed in URLs and are replaced with %20, their UTF-8 hexadecimal value. Some systems use '+', but %20 is the standard for URIs.

What’s the difference between encodeURI and encodeURIComponent?

encodeURI skips encoding characters like / and @ for full URLs, while encodeURIComponent encodes all reserved characters, ideal for URL parameters.

Which characters are safe in URLs?

Unreserved characters (A-Z, a-z, 0-9, -_.~) are always safe. Reserved characters (e.g., !*') may need encoding depending on their context in the URL.

Is this URL encoder/decoder secure?

Yes! All processing happens client-side (in your browser), and no data is stored on our servers. We use HTTPS to ensure secure transmission.

Logo

WebToolSmith

Made with