Select Encode to convert text to URL-safe format, or Decode to convert it back to readable text.
02
Select type
Choose between encodeURIComponent, encodeURI, Base64 or HTML entities depending on your use case.
03
Paste & process
Paste your URL or text and the result updates automatically in real time as you type.
04
Copy & use
Copy the result with one click and use it in your code, browser or anywhere you need.
🛡️
100% private. All encoding and decoding happens locally in your browser using JavaScript. Your URLs and text are never sent to any server.
Frequently asked questions
URL encoding (also called percent-encoding) is the process of converting characters that are not allowed in a URL into a safe format. Special characters like spaces, &, =, ?, #, and non-ASCII characters are replaced with a percent sign followed by their hexadecimal code — for example, a space becomes %20 and & becomes %26. This ensures that URLs are transmitted correctly across the internet without ambiguity.
URLs can only contain a limited set of characters defined by the RFC 3986 standard. Characters outside this set — such as spaces, accented letters, symbols, and non-Latin scripts — must be encoded before being included in a URL. Without encoding, the URL may be misinterpreted by browsers, servers, or APIs, causing broken links, failed requests, or security vulnerabilities.
URL encoding converts specific unsafe characters to percent-encoded sequences while keeping the text largely readable (hello world becomes hello%20world). Base64 encoding converts any binary data into a text string using only 64 safe characters — it is not human-readable but can represent any data type including images and files. URL encoding is used specifically for making URLs safe; Base64 is used for encoding binary data in text-based formats like emails or data URIs.
You should encode only the query string parameters (the values after ? in a URL), not the full URL. Encoding the full URL would also convert the :// slashes and domain separators, making it invalid. For example, in https://example.com/search?q=hello world, only the value hello world should be encoded to hello%20world, giving https://example.com/search?q=hello%20world.
The characters that do not need encoding in a URL are: letters (A–Z, a–z), digits (0–9), and these symbols: hyphen (-), underscore (_), period (.), and tilde (~). Everything else — including spaces, slashes, question marks, hash signs, ampersands, equals signs, and any non-ASCII characters — must be percent-encoded to be safely included in a URL.
encodeURI encodes a complete URL and leaves structural characters like :, /, ?, # unencoded because they are part of the URL structure. encodeURIComponent encodes a single URL component (like a query parameter value) and also encodes those structural characters. For encoding query string values, you should always use encodeURIComponent to prevent those characters from being interpreted as URL structure.
Yes. The decoder reverses percent-encoding and converts encoded sequences back to their original characters. This is useful for reading URLs that contain encoded parameters, debugging API requests, or understanding redirects and query strings in web traffic analysis tools.
URL encoding is a formatting requirement, not a security measure. It prevents parsing errors but does not protect against malicious input. For security purposes, always validate and sanitize URL parameters on the server side. Never trust URL-encoded input as inherently safe — encoding only ensures proper formatting during transmission.