Skip to content

URL Encoder / Decoder

In-browser only RFC 3986 Component & full-URL
Scope
0 characters
Encoded result
The converted result appears here.
Converted in your browser with the encodeURIComponent API.
Related tools View all

Overview

Percent-encode and decode URLs — Component and full-URL — in your browser

Percent-encode text for safe use in URLs, or decode an encoded URL back to readable text. Choose Component scope for a single query value or Full URL scope to keep a complete URL intact. Runs entirely in your browser.

  • Encode and decode in one place
  • Component and full-URL scopes
  • Live conversion as you type
  • Position-precise decode errors
  • Already-encoded input detection
  • Runs entirely in your browser
  • All encoding and decoding runs in your browser
  • No data is uploaded or sent to any server
  • Safe to use with URLs containing tokens, session IDs, or internal hostnames
  • Build query-string parameters and API request URLs
  • Decode a percent-encoded link or redirect target to read it
  • Fix double-encoded values (%2520) by decoding once
  • Encode non-ASCII text or emoji in a URL path or query
  • Share a complete URL that must stay valid using Full URL scope

Guide

How to Use

  1. 1
    Choose a direction

    Pick the Encode tab to turn text into a percent-encoded string, or the Decode tab to turn a percent-encoded URL back into readable text.

  2. 2
    Select a scope

    When encoding, choose Component to escape every reserved character (for a single query value), or Full URL to keep the structural characters — ://, /, ?, & — intact.

  3. 3
    Enter your input

    Type, paste, or use the Paste button to pull text from your clipboard. The result updates as you type — there is no button to press.

  4. 4
    Copy or swap the result

    Click Copy to put the result on your clipboard. Use Swap to move the result back into the input and flip the direction — handy for verifying a round-trip.

Reference

Component vs Full URL scope

Component vs Full URL scope
ScopeAPIEscapesTypical use
ComponentencodeURIComponentAll reserved characters, including / ? & = #A single query-parameter value or path segment
Full URLencodeURIOnly unsafe characters; keeps :// / ? & #A complete URL that must stay valid and navigable

Pitfalls

Common Mistakes

  • Encoding a whole URL with Component scope

    Component scope escapes the :// and slashes too, breaking the URL. To encode a full URL while keeping it navigable, use Full URL scope — it leaves the structural characters alone.

  • Double-encoding (the %2520 trap)

    Encoding already-encoded text turns %20 into %2520, because the % itself is escaped to %25. If the input already contains %XX sequences, decode it instead — the tool flags this for you.

  • Confusing + with a space

    In percent-encoding a space is %20. The + sign means a space only in application/x-www-form-urlencoded form data, not in URL paths. This tool follows RFC 3986, so a space always becomes %20.

  • Expecting URL encoding to hide data

    Percent-encoding is reversible and uses no key — anyone can decode it. It only makes characters safe to carry in a URL; it is not a way to obscure tokens or secrets.

Frequently Asked Questions

What is URL encoding (percent-encoding)?
URL encoding, also called percent-encoding, replaces characters that are unsafe or have special meaning in a URL with a % followed by two hexadecimal digits representing the byte value in UTF-8. A space becomes %20 and an ampersand becomes %26. It is defined in RFC 3986 and is essential for valid URLs, API requests, and query strings.
What is the difference between Component and Full URL scope?
Component scope uses encodeURIComponent and escapes every reserved character — including /, ?, &, =, and # — so it is right for a single query value or path segment. Full URL scope uses encodeURI and leaves the structural characters intact, so a complete URL stays valid and navigable. Pick Component when encoding a value, Full URL when encoding a whole address.
Why does %2520 appear in my URL?
%2520 is a double-encoded space. A space first encodes to %20; if that result is encoded again the % itself becomes %25, producing %2520. It means a value was encoded twice. Decode the string once to get back to %20, and encode only data that is not already encoded.
Which characters must be URL-encoded?
In a URL component, every character outside the unreserved set must be percent-encoded. The unreserved set is A–Z, a–z, 0–9, and the four marks - _ . ~. Everything else — spaces, punctuation, and all non-ASCII characters — must be encoded. In a full URL the structural characters : / ? # & = are left as-is so the address stays valid.
Can it decode non-ASCII and emoji?
Yes. The decoder reads percent-encoded UTF-8 byte sequences, so %E4%B8%AD%E6%96%87 decodes to 中文 and accented or emoji characters round-trip correctly. If a sequence is malformed, the tool reports the exact position and the offending escape so you can fix it.
Is my input sent to a server?
No. All encoding and decoding happens in your browser using the built-in encodeURIComponent, encodeURI, and decodeURIComponent functions. Your text never leaves your device, so it is safe to convert URLs containing tokens, session IDs, or internal hostnames.
Why does my URL fail to decode?
A decode fails when a % is not followed by two valid hex digits, or when the percent-encoded bytes are not valid UTF-8. The error message names the exact position and the offending sequence. Re-copy the value from its original source to fix a truncated or corrupted escape.