Encode special characters for use in URLs, or decode percent-encoded strings back to plain text. Runs entirely in your browser — nothing is sent to any server.
URL encoding (also called percent-encoding) converts characters that are not allowed in URLs into a safe representation using a percent sign followed by two hexadecimal digits. For example, a space becomes %20, & becomes %26, and = becomes %3D. It's needed because URLs can only contain a specific set of safe characters (letters, digits, -, _, ., ~) without ambiguity. Special characters like &, =, ?, / have structural meaning in URLs. When passing data in a URL query parameter that itself contains these characters, encoding is required to prevent them from being interpreted as URL structure.
encodeURIComponent encodes almost all characters, preserving only unreserved characters (A-Z, a-z, 0-9, -, _, ., ~). It encodes /, ?, &, =, #, : and other URL-structural characters. Use it for encoding query parameter values and path segment values that may contain special characters. encodeURI encodes fewer characters — it leaves /, ?, &, =, #, :, @ intact because they may be structural parts of a full URL. Use encodeURI for encoding a full URL where the structural characters should remain. Rule of thumb: for individual values going into a URL, use encodeURIComponent. For encoding an entire URL to include in another context, use encodeURI.
JavaScript: decodeURIComponent('Hello%20World') returns 'Hello World'. Python: from urllib.parse import unquote; unquote('Hello%20World'). Java: URLDecoder.decode('Hello+World', 'UTF-8') — note: Java's URLDecoder also converts + to space (HTML form encoding). PHP: urldecode('Hello%20World'). C#: Uri.UnescapeDataString('Hello%20World'). Ruby: URI.decode_www_form_component('Hello%20World'). The most common confusion: + vs %20 for spaces. URL encoding uses %20; HTML form data (application/x-www-form-urlencoded) uses + for spaces. Make sure you're using the right decoder for your input format.
Per RFC 3986, the 'unreserved characters' are safe in URLs and don't need encoding: uppercase letters (A-Z), lowercase letters (a-z), digits (0-9), and the four symbols -, _, ., ~. Everything else should be percent-encoded in contexts where the character could cause ambiguity. Additionally, the 'reserved characters' (; / ? : @ & = + $ ,) have structural meaning in URLs and should be encoded when used as data rather than as URL structure. The safe rule: when in doubt, encode it. URL decoders will simply pass through already-decoded characters without double-decoding.
URL encoding converts characters that have special meaning or are unsafe in URLs into percent-encoded form (%XX). Spaces become %20, ampersands become %26, and equals signs become %3D. This prevents query parameter values from being misread as URL structure.
Encode Component (encodeURIComponent) encodes nearly everything including /, ?, & and =. Use this for individual values going into a URL. Encode Full URL preserves URL structural characters and only encodes characters that are truly unsafe. Use this for encoding an entire URL to embed in another context.
HTML form data (application/x-www-form-urlencoded) uses + for spaces. URL encoding uses %20. When decoding, know your source: if it came from a form POST, use a form decoder; if from a URL path or query, use standard URL decoding.