URL Encode / Decode

Percent-encode special characters in URLs (RFC 3986) or decode URL-encoded strings back to readable text. Supports both encodeURIComponent and full URI encoding modes. Everything runs in your browser — your data never leaves your machine.

Direction
Mode
Auto-convert
Input · Plain text
Size: 0 B
Output · Encoded
Size: 0 B
❤️ Support CodeConverter.net and donate ❤️

Everything you need to know about URL encoding

When do you need URL encoding?

Any time you embed data inside a URL — query parameters, path segments, or form submissions — you must encode characters that have special meaning in URLs. For example, if a user's name is "John & Jane", the ampersand must be encoded as %26 to avoid it being interpreted as a query string separator. Similarly, spaces (%20), hashes (%23), and plus signs (%2B) all carry structural meaning and must be escaped when they appear in data values.

Component encoding (equivalent to JavaScript's encodeURIComponent) encodes everything except unreserved characters — the right choice when encoding individual query parameter values or path components. Full URI encoding (equivalent to encodeURI) preserves characters that are syntactically valid in a full URL (:/?#[]@!$&'()*+,;=), and is better suited when encoding a complete URL that should remain navigable.

What is URL encoding?
  • Replaces unsafe characters with %XX hex sequences
  • Defined by RFC 3986 — the URL specification
  • Spaces → %20, &%26, #%23
  • Unreserved chars (A–Z, 0–9, -_.~) are never encoded
Component vs. Full URI mode
  • Component — encodes /, ?, #, &, = too
  • Full URI — preserves URL structural characters
  • Use Component for individual query param values
  • Use Full URI for encoding entire URL strings
How to use this tool
  • Paste your text or URL in the input field
  • Choose Encode or Decode direction
  • Select Component or Full URI mode
  • Result is live — copy or download as needed
100% private & client-side
  • All processing runs via native browser JavaScript APIs
  • Zero data transmitted to any server
  • Safe for API keys, tokens, and private query strings
  • Works offline after initial page load
Common encoded characters
  • Space → %20, +%2B
  • &%26, =%3D
  • /%2F, ?%3F
  • #%23, @%40
URL encoding vs. HTML entities
  • URL encoding is for safe transmission inside a URL
  • HTML entities (&, <) are for HTML documents
  • Both are needed when embedding URLs inside HTML attributes
  • Do not confuse %20 (URL) with   (HTML)

When to encode — and when not to

URL encoding is essential any time you pass user-supplied data as part of a URL — in query parameters, path segments, form submissions, or API calls. Failing to encode special characters like &, =, ?, #, and spaces can silently break your URL structure or, worse, open your application to injection attacks. As a rule: always encode values, never encode the full URL structure, and let your HTTP library or framework handle encoding automatically where possible.

That said, double-encoding is a common mistake that is hard to debug. If a value has already been encoded — for example, a URL retrieved from a database that was stored pre-encoded — applying encodeURIComponent() again will encode the percent signs themselves, turning %20 into %2520. Always decode first if you are unsure of the input state, then re-encode cleanly. This tool's decode mode is designed exactly for this: paste an encoded URL, decode it to inspect the raw values, then re-encode correctly if needed.