Free Converter
URL Encoder / Decoder
Encode and decode URLs and URI components instantly in your browser. Free, private, and no upload required.
Or
Encode and decode URLs and URI components instantly in your browser. Free, private, and no upload required.
URL encoding (formally percent-encoding, defined in RFC 3986) translates characters that have special meaning in URLs — spaces, slashes, ampersands, hash marks — into a safe form using percent signs followed by hex digits. The space character becomes %20 (or + in form-encoded contexts), the ampersand becomes %26, and so on. Without this encoding, special characters would be interpreted as URL syntax rather than as literal data, breaking the URL or causing unintended behavior.
Two related but distinct encodings exist. The standard URL component encoding uses %-escapes for everything outside the unreserved character set: A-Z, a-z, 0-9, hyphen, underscore, period, tilde. The form-encoded variant (application/x-www-form-urlencoded) additionally treats spaces as plus signs and uses different rules for some other characters. JavaScript's encodeURIComponent uses the strict component encoding; encodeURI uses a more permissive form that preserves URL structure characters.
This tool offers both encoding and decoding. Encode mode wraps each character that requires escaping in %HH format; decode mode reverses the transformation. Both run entirely in your browser using built-in JavaScript URL functions, so no data is sent anywhere.
Any time data is included in a URL — query string parameters, path segments containing user input, redirect targets — proper encoding is required. Failing to encode produces URLs that break when special characters appear, leak parameter boundaries to query strings (turning &x=1 into a separate parameter), or get blocked by web servers as malformed requests.
Decoding is the inverse: extracting the original data from an encoded URL. Browser address bars often show URLs in encoded form; decoding reveals what was actually intended. Logging, debugging, and security analysis all benefit from decoded URLs that show the original parameters and paths.
Paste a string, choose direction.
encodeURIComponent encodes every character outside the unreserved set [A-Za-z0-9-_.~]. Spaces become %20, plus signs become %2B, equals signs become %3D, and so on. Characters outside ASCII are first encoded in UTF-8 and then each byte is %-escaped.
encodeURI is more permissive and is intended for full URLs rather than components. It does not escape /, ?, &, =, #, and a few others because those characters have URL-syntax meaning. For embedding user data in a URL, encodeURIComponent is almost always the right choice.
decodeURIComponent reverses %-escapes, validating that each escape is well-formed and that the resulting bytes form valid UTF-8. Malformed input throws an error rather than producing garbage.