URL Encoder/Decoder

Encode and decode URLs and URI components for safe transmission in web applications.

Input

Encoding Reference

encodeURIComponent: Encodes all special characters including /, ?, #, &

encodeURI: Preserves URL structure characters (/, ?, #, &, =)

Encoded Output

Hello%20World!%20How%20are%20you%3F%20Special%20chars%3A%20%40%23%24%25%5E%26*()

URL Parts

Protocol:https:
Host:example.com
Path:/Hello%20World!%20How%20are%20you
Query:?%20Special%20chars:%20@
Hash:#$%^&*()

Query Parameters:

Special chars: @:

Common Encodings

Space → %20
! → %21
@ → %40
# → %23
$ → %24
& → %26
+ → %2B
= → %3D

What Is URL Encoding?

URL encoding, formally known as percent-encoding, is the process of converting characters that are not allowed or have special meaning inside a Uniform Resource Identifier (URI) into a safe, transmittable representation. Every encoded character is replaced by a percent sign (%) followed by two hexadecimal digits that represent the character's byte value in UTF-8.

The modern web relies on URLs to identify every resource — web pages, API endpoints, images, and more. Because URLs are plain ASCII strings, any character outside the allowed set must be escaped before it can be safely embedded in a request. A space, for instance, cannot appear literally inside a URL; it must be written as %20. An ampersand (&) separates query parameters, so if your data actually contains an ampersand it must be encoded as %26 to avoid being misread as a separator.

Two JavaScript functions implement percent-encoding for different use cases: encodeURIComponent and encodeURI. Understanding when to use each one is key to writing correct web applications. encodeURIComponent is the safer default for individual values — it encodes everything that is not an unreserved character. encodeURI is designed for full URL strings and deliberately leaves structural characters like /, ?, #, and & untouched.

This URL encoder and decoder tool performs both operations in your browser, with no data ever sent to a server. Paste any text or encoded URL string, choose your function, and the output updates instantly.

encodeURIComponent vs encodeURI

The page exposes two encoding types, and choosing the right one avoids subtle bugs that are hard to debug in production.

encodeURIComponent

encodeURIComponent encodes every character that is not in the set of unreserved characters defined by RFC 3986: uppercase and lowercase letters (A–Z, a–z), digits (0–9), and the symbols - _ . ! ~ * ' ( ). All other characters — including /, ?, #, &, =, @, +, and spaces — are converted to their percent-encoded equivalents. This makes it the right choice whenever you are encoding a value that will appear inside a query string or path segment, because those structural delimiters must not appear unescaped inside a value.

encodeURI

encodeURI is designed for encoding a complete URL. It preserves the full set of characters that are legal in a URI — including the structural delimiters : / ? # [ ] @ ! $ & ' ( ) * + , ; = — so that a full URL string remains a valid URL after encoding. Use encodeURI when you need to clean up a URL that contains non-ASCII characters (for example, a URL with Unicode letters in the path) without breaking its structure.

Function Characters NOT encoded Best used for
encodeURIComponent A–Z a–z 0–9 - _ . ! ~ * ' ( ) Query parameter values, path segments
encodeURI All of the above plus ; , / ? : @ & = + $ # Full URL strings with non-ASCII characters

Percent-Encoding Formula

encoded = encodeURIComponent(input) | encodeURI(input)

Where:

  • input= The raw string containing characters to be encoded
  • encodeURIComponent(input)= Encodes all characters except A–Z a–z 0–9 - _ . ! ~ * ' ( )
  • encodeURI(input)= Encodes all characters except unreserved chars plus URI structural delimiters: ; , / ? : @ & = + $ #
  • %XX= Percent-encoded byte: % followed by two uppercase hex digits representing the UTF-8 byte value

Common Percent-Encoded Characters

Every web developer encounters percent-encoding repeatedly. The table below lists the characters most commonly seen in URLs and their encoded equivalents. All encodings use the UTF-8 byte values for ASCII characters, so the hex digits are the same regardless of the operating system.

Character Encoded (hex) Role in URLs
Space%20Not allowed in URLs; use %20 or + in query strings
!%21Sub-delimiter; safe in values
#%23Fragment identifier separator
$%24Sub-delimiter
&%26Query parameter separator
+%2BTreated as space in form-encoded data
=%3DKey-value separator in query strings
@%40Separates userinfo from host
%%25Percent sign itself must be escaped
/%2FPath segment separator
?%3FQuery string separator
:%3ASeparates scheme from authority

Non-ASCII characters (Unicode) are first converted to their UTF-8 byte sequences and each byte is then percent-encoded. For example, the euro sign is encoded as %E2%82%AC because its UTF-8 encoding is the three bytes 0xE2 0x82 0xAC.

When to Use URL Encoding in Web Development

URL encoding is not just a theoretical concept — you encounter it constantly in day-to-day web development. Here are the most important situations where correct encoding is critical.

Building Query Strings Manually

When constructing a URL from user-supplied data in JavaScript, always run each parameter value through encodeURIComponent before appending it to the URL. If a user types "coffee & tea" into a search box and you concatenate it directly, the ampersand will be interpreted as a parameter separator, silently splitting your single parameter into two. The correct approach is:

const url = '/search?q=' + encodeURIComponent(userInput);

API Requests and Fetch Calls

REST APIs frequently accept IDs, names, and filters as path segments or query parameters. A product named "Dress/Blouse" contains a forward slash that would be misread as a path separator. Encoding it as Dress%2FBlouse ensures the server receives the correct value. The browser's built-in URL and URLSearchParams APIs handle encoding automatically, which is why they are preferred over manual string concatenation.

OAuth and Authentication Redirect URIs

OAuth flows pass a redirect_uri as a query parameter. Because the URI contains its own colons, slashes, and question marks, the entire value must be percent-encoded with encodeURIComponent. Failure to encode it is a common source of broken OAuth implementations.

Storing Data in URL Hash or History API

Single-page applications often serialize application state into the URL hash or pathname. Any state values that originate from user input must be encoded before being written to location.hash or passed to history.pushState, and decoded when read back.

Internationalized Domain Names and Non-ASCII Paths

Web servers increasingly serve content under non-ASCII paths — for example, a Japanese language page at /ja/製品. Browsers display these in decoded form but transmit the percent-encoded bytes over HTTP. Use encodeURI (not encodeURIComponent) when encoding a full URL with a non-ASCII path, so the slashes and structural characters remain intact.

URL Decoding: Reversing Percent-Encoding

URL decoding is the exact inverse of encoding. The JavaScript functions decodeURIComponent and decodeURI replace every %XX sequence with the corresponding UTF-8 character. Use this tool's decode mode when you receive a percent-encoded URL or string — from a server log, an error message, a redirect parameter, or an API response — and need to read its human-friendly form.

decodeURIComponent is the counterpart to encodeURIComponent. It decodes every percent-encoded sequence in the string, including those representing structural characters like %2F (/) and %3F (?). Use this when decoding a value that was encoded as a component (a query string value, a path segment, etc.).

decodeURI is the counterpart to encodeURI. It does not decode sequences that represent structural URI characters — specifically %2F, %3F, %23, %26, %3D, and a few others — because doing so might break the URL structure. Use this only when decoding a full URL that was encoded with encodeURI.

A common pitfall is calling decodeURIComponent on a string that contains a literal % not followed by two valid hex digits. This throws a URIError. The tool catches this error and displays the message so you can identify the malformed sequence. Always validate or sanitize percent-encoded input from untrusted sources before decoding.

URL decoding is also essential for reading server-side logs. Web frameworks often log the raw, percent-encoded request URI. Pasting the logged URL into this decoder instantly gives you the readable form, saving time when debugging encoded characters in production URLs.

Worked Examples

Encoding a Query Parameter Value

Problem:

You need to pass the search term "coffee & tea" as a query parameter value. Use encodeURIComponent.

Solution Steps:

  1. 1Start with the raw value: coffee & tea
  2. 2Apply encodeURIComponent: spaces → %20, & → %26
  3. 3Result: coffee%20%26%20tea
  4. 4Full URL: /search?q=coffee%20%26%20tea — the ampersand is safely encoded as a value, not a separator

Result:

encodeURIComponent('coffee & tea') = 'coffee%20%26%20tea'

Encoding a Full URL with Non-ASCII Path

Problem:

You have the URL https://example.com/café/menu and need to encode the non-ASCII character. Use encodeURI.

Solution Steps:

  1. 1Start with: https://example.com/café/menu
  2. 2Apply encodeURI — structural characters like : // / are preserved
  3. 3The é character (UTF-8 bytes 0xC3 0xA9) is encoded
  4. 4Result: https://example.com/caf%C3%A9/menu — the URL structure remains valid

Result:

encodeURI('https://example.com/café/menu') = 'https://example.com/caf%C3%A9/menu'

Decoding a Percent-Encoded Query String

Problem:

A server log shows the request: /search?q=Hello%20World%21&lang=en. Decode the query parameter value.

Solution Steps:

  1. 1Take the encoded value: Hello%20World%21
  2. 2Apply decodeURIComponent to the value portion
  3. 3%20 → space, %21 → !
  4. 4Result: Hello World! — the original search term is restored

Result:

decodeURIComponent('Hello%20World%21') = 'Hello World!'

Encoding Special Characters in a Form Field

Problem:

A user enters the text "name=John Doe&age=30" into a field that will be used as a URL value. Encode it with encodeURIComponent.

Solution Steps:

  1. 1Raw input: name=John Doe&age=30
  2. 2Apply encodeURIComponent: = → %3D, space → %20, & → %26
  3. 3Each structural character in the value is escaped
  4. 4Result: name%3DJohn%20Doe%26age%3D30 — safe to append as a query parameter value

Result:

encodeURIComponent('name=John Doe&age=30') = 'name%3DJohn%20Doe%26age%3D30'

Tips & Best Practices

  • Use encodeURIComponent for any user-supplied value you append to a URL — it is the safe default that prevents parameter injection.
  • Never double-encode a URL. If a string is already percent-encoded, encoding it again will turn % into %25, creating malformed output. Decode first if you are unsure.
  • The browser's URLSearchParams API encodes values automatically — prefer it over manual string concatenation for building query strings in JavaScript.
  • When debugging a URL from a server log, paste just the query string value (not the full URL) into the decoder with encodeURIComponent selected to get the cleanest result.
  • Remember that + in a query string from an HTML form means a space (form encoding), but %2B means a literal plus sign. These are not interchangeable.
  • Non-ASCII paths (Unicode characters in URLs) should be encoded with encodeURI, not encodeURIComponent, to preserve the slashes and structural characters in the path.
  • The URL Parts panel in this tool automatically parses protocol, host, path, query, and hash — useful for quickly understanding a complex URL before encoding individual components.
  • If you receive a URIError when decoding, look for a bare % character in the input that is not followed by two hex digits — this is the most common cause of malformed encoded strings.

Frequently Asked Questions

encodeURIComponent encodes all characters that are not unreserved (A–Z, a–z, 0–9, - _ . ! ~ * ' ( )), including structural URL characters like /, ?, #, and &. encodeURI preserves those structural characters and is intended for encoding a complete URL string rather than an individual value. Use encodeURIComponent for query parameter values and path segments; use encodeURI only when encoding an entire URL that already has correct structure.
Percent-encoding (defined in RFC 3986) always represents a space as %20. The plus sign (+) representing a space is a different convention from the older HTML form encoding specification (application/x-www-form-urlencoded), used in HTML form submissions. Modern APIs and the URL standard use %20. If you see + in a query string from an HTML form POST, that is form encoding, not percent-encoding; you would decode it with a form-specific decoder rather than decodeURIComponent.
decodeURIComponent throws a URIError when the input contains a % sign that is not followed by exactly two valid hexadecimal digits (0–9, A–F, a–f), or when the percent-encoded sequence represents an incomplete UTF-8 multi-byte sequence. This can happen with truncated or malformed input. The tool catches this error and shows the error message so you can identify the offending sequence before fixing the input.
No — URL encoding is a reversible, lossless transformation. Decoding the encoded string always produces the exact original bytes. The only purpose of encoding is to represent the data in a form that is safe to transmit inside a URL. The semantic meaning of the data is preserved completely; only its textual representation changes during transmission.
You should encode only the dynamic parts — typically query parameter values and any path segments derived from user input. Encoding the entire URL with encodeURIComponent would escape the colons, slashes, and question marks that give the URL its structure, producing an invalid URL. Use encodeURI for full URL strings when you only need to handle non-ASCII characters, and use encodeURIComponent for individual values you are embedding as parameters.
No — they are entirely different encodings designed for different purposes. URL encoding (percent-encoding) converts specific characters to %XX sequences so a string can be safely embedded in a URL; the output is still mostly readable text. Base64 encoding converts arbitrary binary data into a set of 64 printable ASCII characters and produces a compact, opaque string unrelated to the original content. Base64 is used for binary data in email attachments, data URIs, and API payloads, not for making URL-safe strings.

Sources & References

Last updated: 2026-06-05

💡

Help us improve!

How would you rate the URL Encoder/Decoder?

<>

Editorial Note

MyCalcBuddy Editorial Team

This page is maintained as an educational calculator reference.

Source

Formula Source: Standard Mathematical References

by Various

UpdatedLast reviewed: May 2026
CheckedFormula checks are based on standard references and internal QA review.