URL encoding, percent-encoding and URI components
A URL (Uniform Resource Locator) can only contain a limited set of safe ASCII characters. Any other character, spaces, accented letters, symbols, non-Latin scripts, must be percent-encoded: replaced with % followed by the two-digit hexadecimal value of the character's UTF-8 byte. A space becomes %20, an ampersand becomes %26, the euro sign becomes %E2%82%AC (its three-byte UTF-8 sequence). This allows URLs to carry arbitrary text without breaking the parsing of protocol, host, path, query, and fragment components.
The standard distinguishes two encoding functions. encodeURI() encodes a complete URL, leaving structural characters (/, ?, &, =, #) unencoded because they have meaning within the URL. encodeURIComponent() encodes everything including those structural characters, use it for individual query parameter values. A common bug is calling encodeURI() on a query value containing &, which then splits the query string incorrectly.
| Character | Encoded form | Where it appears |
|---|---|---|
| Space | %20 | Path and query values |
| & | %26 | Inside query parameter values |
| = | %3D | Inside query parameter values |
| + | %2B | Query values (+ means space in form encoding) |
| # | %23 | Inside query/path (# starts the fragment) |
| Non-ASCII (e.g. ü) | %C3%BC | UTF-8 bytes percent-encoded |
Decoding for debugging and inspection
Paste an encoded URL or query string here and click Decode to make it human-readable. This is useful for debugging API request logs (server access logs show percent-encoded URLs), inspecting tracking parameters in marketing links, reading encoded OAuth redirect URIs, and understanding what data a form is submitting. Paste the full URL or just the query string, the decoder handles both.
Related: Base64 encoder for binary-to-text encoding, JSON formatter for API query values that contain JSON.