Reconnecting… Connection lost. Reload Session expired. Reload

URL Encoder / Decoder

Percent-encode a plain string for safe use in URLs, or decode an encoded string back to readable text.

By Pankaj Kumar · DevToolsHub· Last updated Jun 2026
Input Section

Input

Output Section

Result

URL output

What is URL encoding?

URL encoding — formally called percent-encoding and defined in RFC 3986 — converts characters that have special meaning in a URL, or that are not allowed in URLs at all, into a safe representation: a percent sign followed by two hexadecimal digits representing the character's byte value. For example, a space becomes %20, an ampersand becomes %26, and a hash becomes %23. The resulting string can travel through any URL parser without being misinterpreted.

Which characters must be encoded

RFC 3986 divides URL characters into three categories:

  • Unreserved characters — never encoded: letters A–Z and a–z, digits 0–9, and the four symbols - _ . ~
  • Reserved characters — must be encoded when used as data: : / ? # [ ] @ ! $ & ' ( ) * + , ; = — these have structural roles in URLs (separating scheme, host, path, query) so they must be encoded if they appear as literal values inside a query parameter
  • Everything else — always encoded: spaces, accented letters, CJK characters, emoji, and all control characters

%20 vs + for spaces

There are two conventions for encoding a space. Standard percent-encoding uses %20 and is valid everywhere in a URL. The + sign represents a space only in the application/x-www-form-urlencoded format used by HTML form submissions — it is not valid as a space in path segments or other URL parts. When building URLs programmatically, always use %20 for maximum compatibility. When parsing form data, handle both.

How to use this tool

  1. Paste your string or URL into the input editor.
  2. Click Encode to percent-encode all special characters, or Decode to convert percent-encoded strings back to readable text.
  3. Copy the result.

Encode query parameter values, not the whole URL

A common mistake is encoding an entire URL including the scheme and host, which turns https://example.com/search?q=hello world into https%3A%2F%2Fexample.com%2Fsearch%3Fq%3Dhello%20world — a broken string that no browser can open. The correct approach is to encode only the values of query parameters. The structural parts of the URL (protocol, host, path, ?, &, = between key and value) must remain unencoded. So the correct result is https://example.com/search?q=hello%20world.

Common developer scenarios

  • Redirect URLs: When building an OAuth redirect_uri parameter, the callback URL itself must be encoded since it contains :, /, and ? characters
  • Search queries: User-entered search terms may contain &, +, and # — always encode them before appending to a query string
  • API debugging: Decode URL-encoded strings from server logs or error messages to see the original values
  • Localisation: Non-ASCII characters in paths or queries (accented letters, Chinese, Arabic) must be UTF-8 encoded and then percent-encoded
FAQ
What is URL encoding?

URL encoding (percent-encoding) replaces unsafe characters with a % followed by two hex digits. For example, a space becomes %20.

When should I encode a URL?

Encode query parameter values before appending them to a URL to ensure special characters like &, =, and + are treated as data, not syntax.

When do I need to URL encode a string?

Encode any value you place in a query parameter or path segment. Characters like &, =, ?, #, and spaces must be encoded to avoid breaking the URL structure.

What is the difference between %20 and + for spaces?

Both represent a space. %20 is standard percent-encoding for all URL parts. + is only valid for spaces in the query string (application/x-www-form-urlencoded format).

Should I encode the entire URL or just the parameters?

Only encode the values of query parameters, not the entire URL. Encoding the full URL would break the protocol, domain, and path separators.

What characters do not need encoding?

Unreserved characters — letters (A–Z, a–z), digits (0–9), and - _ . ~ — are safe in URLs and do not need encoding.

Related Tools
Feedback or suggestions?

Found a bug or have an idea for a new tool? Drop me an email.

[email protected]
Find the tools useful?

Everything here is free. If it saves you time, a coffee keeps it running.

Buy me a coffee
About · Privacy · Terms · Editorial Policy · All tools run client-side · Zero server-side data retention · © 2026 DevToolsHub