URL Encode/Decode
URLs only allow a limited set of characters in their raw form. Spaces, ampersands, equals signs, non-ASCII text, and many symbols must be converted into percent-encoded sequences before they can travel safely as part of a path or query value. This tool applies standard percent encoding so you can prepare a string for a link or recover the original text from an encoded parameter. Use it when building search URLs, debugging referral links, preparing mailto parameters, or inspecting what a browser actually sent. Encoding only the dynamic portion of a URL—not the entire address—keeps schemes, hosts, and reserved separators intact while still protecting the payload.
Informational only; verify critical results independently.
How to use
- Paste only the text that will become a path segment or query value—not the full https:// address if you want to avoid damaging reserved characters.
- Choose Encode to turn spaces, punctuation, and Unicode into percent sequences such as %20 or multi-byte UTF-8 forms.
- Copy the encoded result into your query string, redirect builder, or API client as a single parameter value.
- When you already have a percent-encoded string from logs or analytics, paste it and choose Decode to read the original human text.
- If you see plus signs standing in for spaces from old form submissions, normalize them to %20 before decode if your source used that convention.
- Encode email addresses, product titles, or filter names individually so ampersands and equals signs do not split the query into extra keys.
- After a round trip of encode then decode, confirm the plain text matches your source to catch double-encoding or truncated paste errors.
- Avoid encoding an already-encoded string a second time unless you intentionally need nested encoding for a proxy or nested parameter.
- Keep scheme, host, path separators, and the ? & = structure of the URL outside of the text you encode so navigation still works.
- Treat this as a drafting aid: production systems should encode with the same library conventions your backend expects.
Examples
- Encode hello world for a search query → hello%20world.
- Encode a=b&c=d as one parameter value → a%3Db%26c%3Dd so it does not invent extra query keys.
- Decode %E4%BD%A0%E5%A5%BD → 你好 (UTF-8 Chinese greeting).
- Encode user@example.com for a mailto or nested query value → user%40example.com.
- Encode price=10.99 for a product deep link value → price%3D10.99.
- Encode café menu → caf%C3%A9%20menu with UTF-8 percent bytes for é.
- Decode %2Fapi%2Fv1%2Fusers when you need the literal path string /api/v1/users as a value, not as real path segments.
- Encode well-known → well-known (hyphen may stay unescaped) while space still becomes %20.
- Decode a long tracking parameter like utm_campaign=spring%20sale%20%E2%9C%85 to read spring sale ✓.
- Encode 100% match carefully: the percent itself becomes %25 so decode does not misread later digits as escapes.
FAQ
- What is percent encoding?
- Percent encoding replaces unsafe or reserved characters with a percent sign followed by two hexadecimal digits representing a byte. In modern web stacks that usually means UTF-8 bytes. The result can sit inside a URL without being mistaken for structure such as a path slash or a query delimiter.
- Should I encode the entire URL or just part of it?
- Encode only the dynamic piece: one query value, one path segment, or one header fragment. Encoding a complete URL turns colons and slashes into %3A and %2F, which breaks browsers and scrapers that expect a real address. Nest parameters carefully when one URL contains another.
- Why do some systems use + instead of %20 for spaces?
- Older application/x-www-form-urlencoded forms historically used + for space. Strict percent encoding and many encodeURIComponent-style APIs use %20 instead. If decode looks wrong, try replacing + with %20 first, then decode again so spaces come back as spaces.
- Why did my slash become %2F?
- A literal slash inside a value must not create extra path segments, so it is encoded as %2F. That is correct when the slash is data. If you meant real path levels, keep those slashes outside the string you encode and only encode each segment’s name.
- How are Unicode characters and emoji handled?
- They are converted to UTF-8 bytes and each byte is percent-encoded. A check mark might appear as %E2%9C%85. Decoding those sequences restores the original character when the payload is valid UTF-8 percent-encoding.
- What is double-encoding and how do I spot it?
- Double-encoding happens when %20 is encoded again into %2520. The text still looks “encoded” but a single decode only peels one layer. Decode once, inspect the result, and stop when you see plain text rather than more percent sequences—unless your architecture truly nests layers.
- Why does decode produce mojibake or weird characters?
- The input may be truncated, mixed with HTML entities, or encoded with a non-UTF-8 legacy charset. Confirm you pasted a complete percent-encoded value and that the producing system used UTF-8. Partial hex pairs or stray % characters also confuse decoders.
- Is this the same as encodeURI versus encodeURIComponent?
- Conceptually this tool follows component-style encoding: characters that are meaningful in URLs, such as &, =, and /, are escaped so they can live inside a single parameter. Full-URI helpers leave more characters alone so they can form a complete address. Match whichever convention your framework documents.
- Can I use this for path segments that include spaces or accents?
- Yes. Encode each segment’s name separately, then join with real slashes between segments. That pattern keeps directory structure readable while still sending international characters safely to servers that expect UTF-8 percent-encoding.
- Does encoding hide or encrypt sensitive data?
- No. Percent encoding is reversible by design and is only a transport encoding. Anyone can decode the value. Use HTTPS and proper access control for secrets; never treat URL encoding as confidentiality.
- When should I leave a character unencoded?
- Unreserved characters such as letters, digits, hyphen, period, underscore, and tilde are often left as-is. Reserved characters stay unencoded only when they play their structural role—for example the ? that starts a query string. When in doubt for a value, encode it.
- Is my text sent to a server when I use this tool?
- No. Encoding and decoding run in your browser. We do not store the strings you paste. Still avoid pasting live production secrets into any page you do not trust.
Formula / Method
Assumptions & Limitations
Related guides
Related tools
Last updated: 2026-07-13