Back to Tools
URL Encoder/Decoder
Percent-encode any text for safe use in URLs, or decode a percent-encoded string back to plain text. Handles Unicode, Chinese characters, and query string gotchas.
TL;DR. Switch to Encode and paste any text to get a percent-encoded string safe to use in a URL query parameter or path segment. Switch to Decode to reverse it. This tool uses encodeURIComponent / decodeURIComponent, which handle Unicode correctly. Space becomes %20, Chinese characters expand to three %XX triplets each, and reserved characters like & and = are escaped so they cannot break query string parsing.
How to use the URL encoder
- Choose encode or decode. Use Encode when you have a plain string (a search term, a user-submitted value, a file name) that you need to embed in a URL. Use Decode when you have a percent-encoded string from a URL or log file and want to read the original text.
- Paste your input. You can paste a single word, a full query parameter value, a file path, or even a paragraph. The tool encodes the entire input as a single component value, so characters like
/and?will be encoded to%2Fand%3F. This is correct for a query value but would be wrong if you are trying to encode an entire URL path. - Watch for the double-encoding trap. If your input already contains percent-encoded sequences like
%20, encoding it again will turn the%into%25, producing%2520. If you are unsure whether your input is already encoded, decode it first, then re-encode the decoded result. - Copy and paste the output. The encoded output is safe to place directly in a URL query string or path segment. If you need a full URL, construct it as:
https://example.com/search?q=followed by the encoded value.
Percent-encoding cheatsheet
Common characters, their encoded forms, and when each one causes problems in practice.
| Character | Encoded | Notes |
|---|---|---|
| space | %20 (or + in forms) | Most common encoding issue; %20 is safe everywhere |
| / | %2F | Path separator; encode in query values to avoid path confusion |
| ? | %3F | Query start; encode in values so it is not parsed as query start |
| # | %23 | Fragment start; encode in values to avoid truncating the URL |
| & | %26 | Query param separator; always encode in param values |
| = | %3D | Key-value separator; encode in keys and values |
| + | %2B | Literal plus; also means space in form data - encode to be safe |
| % | %25 | Percent sign itself; encode first to avoid double-encoding |
| @ | %40 | Used in userinfo; encode in path/query to avoid ambiguity |
| [ | %5B | IPv6 bracket; encode in query values |
| ] | %5D | IPv6 bracket; encode in query values |
| 中 (Chinese) | %E4%B8%AD | UTF-8 byte sequence, 3 bytes for CJK characters |
| é (e acute) | %C3%A9 | UTF-8 byte sequence, 2 bytes for extended Latin |
| ~ - _ . | (unchanged) | RFC 3986 unreserved: safe in all URL components |
Common patterns and gotchas
- Building a search URL: Never concatenate a user query directly into a URL string. Instead:
const url = `https://example.com/search?q=${encodeURIComponent(query)}`. If the query contains &, =, or #, raw concatenation silently corrupts the URL structure; the encoded version is always safe. - Reading a query parameter in JavaScript: Use
new URLSearchParams(window.location.search).get('q'). This handles both%20and+decoding automatically, so you do not need to calldecodeURIComponentyourself on the value it returns. - Encoding a full URL vs a component:
encodeURI('https://example.com/path?q=hello world')produceshttps://example.com/path?q=hello%20world(only the space is encoded, the URL structure is preserved).encodeURIComponenton the same string encodes the colons, slashes, and question mark too, destroying the URL. Know which function to use based on whether you have a whole URL or a value. - Passing a URL as a query parameter: If you need to embed one URL inside another (e.g. a redirect target), encode the inner URL with
encodeURIComponent. The slashes and question mark in the inner URL must be encoded so the outer URL parser sees them as data:https://login.example.com?return=https%3A%2F%2Fapp.example.com%2Fdashboard. - File names in URLs: File names with spaces, parentheses, or Unicode should be encoded before use in a URL path. A file named
my report (final).pdfbecomesmy%20report%20(final).pdfafter encoding. Some browsers display the decoded name in the address bar, but the raw request uses the encoded form.
Frequently asked questions
What is percent-encoding and why does it exist?+
URLs can only contain a limited set of ASCII characters defined in RFC 3986. Characters outside that set (spaces, Unicode, symbols like #, &, =) must be represented as a percent sign followed by two hex digits: space becomes %20, # becomes %23. This encoding is called percent-encoding. It exists because URLs travel through systems (proxies, routers, browsers) that interpret special characters as URL structure, not data.
What is the difference between encodeURI and encodeURIComponent?+
encodeURI encodes a complete URL and leaves characters that are valid in a URL structure untouched: /, :, ?, #, &, =, @, +, and more. Use it when you have a full URL and only want to escape the obviously illegal characters. encodeURIComponent encodes a single component (a query parameter value, a path segment) and encodes nearly everything including /, ?, and &. Use it for any value you are inserting into a URL, not the whole URL itself. This tool uses encodeURIComponent, which is the right choice 95% of the time.
Why does a space sometimes become + and sometimes %20?+
HTML forms with method="GET" serialize spaces as + in the query string (application/x-www-form-urlencoded format, defined by the HTML spec). URL path segments use %20 for spaces (RFC 3986). Both are technically correct in their respective contexts, but they are not interchangeable. If you paste a form query string into a URL path, + will be treated as a literal plus sign, not a space. encodeURIComponent always produces %20, which is safe everywhere.
What is double-encoding and why is it a bug?+
Double-encoding happens when you run percent-encoding on a string that is already encoded. The % in %20 itself gets encoded to %2520, so a space round-trips as %2520 instead of %20. The server then decodes it to %20 (literally) instead of a space. The fix: always encode raw values, never encode values that came from a URL or were already encoded. If you are unsure, decode first and then re-encode.
How do I encode a Chinese or Japanese character?+
Unicode characters are first UTF-8 encoded (each character becomes 1-4 bytes), then each byte is percent-encoded. The Chinese character for "middle" (中) is UTF-8 bytes E4 B8 AD, which encodes to %E4%B8%AD. encodeURIComponent handles this automatically in any modern browser or Node.js environment. This tool does the same, so you can paste any language input and get a valid percent-encoded output.
Which characters are safe in a URL without encoding?+
RFC 3986 defines unreserved characters that never need encoding: A-Z, a-z, 0-9, and the four symbols - _ . ~. These are safe in any URL component. Reserved characters (: / ? # [ ] @ ! $ & ' ( ) * + , ; =) carry structural meaning and must be encoded if you intend them as data, not URL syntax. Everything else, including spaces and non-ASCII, must be percent-encoded.
Related developer tools
- Base64 Converter
Encode and decode Base64, including JWT segments
- Extract URLs
Pull all URLs out of any block of text
- Regex Tester
Test and debug JavaScript regular expressions
- JSON Formatter
Pretty-print and validate JSON