URL Encode Decode
|
Percent-encode a string for safe use in URL query parameters, or decode a percent-encoded string back to readable text. Uses encodeURIComponent / decodeURIComponent semantics.
Why URL encoding matters
URLs have reserved characters that carry structural meaning: & separates query parameters, = separates a key from its value, ? starts the query string, # starts a fragment, and % is the escape prefix. If these appear unencoded inside a parameter value, they break the URL parser.
A search query containing & gets split into two parameters. A value containing # is cut off at the fragment boundary. A space character in a value causes a malformed request.
encodeURIComponent vs encodeURI
encodeURIComponent encodes everything except unreserved characters (letters, digits, -, _, ., !) and is intended for individual parameter values. It encodes ?, &, /, :, and # because those are structurally significant when they appear inside a value.
encodeURI encodes a complete URL and leaves structural characters unencoded. Use it for full URL strings. Use encodeURIComponent for individual values you are inserting into a URL.
This tool uses encodeURIComponent semantics — encode individual parameter values, not full URLs.
Decoding encoded strings
When you receive a URL with percent-encoded values and need to read them, paste the encoded string here and switch to Decode mode. %20 becomes a space, %2F becomes /, and so on.
If the input contains a malformed percent sequence (% followed by non-hex characters or cut off at the end), the tool shows an error rather than returning a partial result.
See also: Base64 Encode / Decode
How percent encoding works
Percent encoding converts each byte of a character to % followed by two uppercase hexadecimal digits. For ASCII characters, the byte value equals the ASCII code: a space (ASCII 32, hex 0x20) becomes %20, and an ampersand (ASCII 38, hex 0x26) becomes %26.
For non-ASCII characters such as accented letters or CJK characters, the character is first encoded as UTF-8 bytes, then each byte is percent-encoded separately. The Japanese character あ (U+3042) encodes to the three UTF-8 bytes E3 81 82, giving the percent-encoded form %E3%81%82.
This is why pasting a URL with Japanese or other non-Latin text into a browser address bar looks different when you copy it back — the browser has percent-encoded the non-ASCII characters.
→ %20& → %26= → %3D# → %23+ → %2Bあ → %E3%81%82URL encoding in API requests and curl
When building query strings manually for curl or fetch requests, each parameter value must be encoded before concatenation. Forgetting to encode a value containing & splits it into multiple parameters; a value containing # causes the rest to be interpreted as a URL fragment.
In curl, use --data-urlencode for POST body fields or wrap values in single quotes and encode manually for GET query strings. In JavaScript, URLSearchParams handles encoding automatically: new URLSearchParams({ q: "hello world" }).toString() produces q=hello+world using form encoding.
In Python with the requests library, pass a dict to the params argument: requests.get(url, params={"q": "hello world"}) — the library encodes the values correctly without manual encoding.
curl 'https://api.example.com/search?q=hello%20world&type=exact'curl -G --data-urlencode 'q=hello world' https://api.example.com/searchnew URLSearchParams({ q: 'hello world', page: '1' }).toString()
// → q=hello+world&page=1requests.get('https://api.example.com', params={'q': 'hello world'})Building query strings correctly
A common mistake is constructing a query string by string concatenation without encoding the values: `"/search?q=" + userInput`. If userInput contains &, =, or #, the resulting URL is malformed.
The correct approach is to encode each value before inserting it. In JavaScript: `/search?q=${encodeURIComponent(userInput)}`. In a server-side context, use the URL or URLSearchParams class to construct the full URL — it handles encoding automatically.
Encoding the entire URL rather than just the values is another frequent mistake. encodeURI is intended for full URLs and leaves structural characters (/ : ? & =) unencoded. encodeURIComponent encodes everything including structural characters and is the right function for parameter values.
`/search?q=${query}` — breaks if query contains & or =`/search?q=${encodeURIComponent(query)}`new URL("/search", base); url.searchParams.set("q", query);Frequently Asked Questions
- What does %20 represent?
- %20 is the percent-encoded form of a space character. Percent encoding uses % followed by the two-digit hexadecimal value of the byte. 20 is the ASCII code for space in hex.
- Should I encode the full URL or just the values?
- Encode only the values you are inserting into a URL — not the full URL. Encoding a full URL breaks its structure by encoding :// to %3A%2F%2F and ? to %3F.
- Why does + appear in some encoded URLs instead of %20?
- In HTML form encoding (application/x-www-form-urlencoded), spaces are encoded as + rather than %20. In query strings produced by forms, + means space. encodeURIComponent always uses %20, which is unambiguous.
- What characters are NOT encoded by encodeURIComponent?
- Letters (A–Z, a–z), digits (0–9), and these four characters: - _ . ! — all others get percent-encoded.
- How do I encode a URL that already contains encoded sequences?
- Do not double-encode. If the string already contains %20 and you run encodeURIComponent on it, the % becomes %25, turning %20 into %2520. Check whether the value is already encoded before encoding again. If you need to encode a raw string that may contain %, only call encodeURIComponent once on the original unencoded value.
- How do I URL-encode Japanese or other non-ASCII characters?
- encodeURIComponent converts non-ASCII characters to their UTF-8 byte sequence and percent-encodes each byte. The character あ becomes %E3%81%82 (its three UTF-8 bytes). Modern browsers and HTTP clients handle this automatically. Some older systems require the complete percent-encoded form — use this tool to produce it.