URL Encoder and Decoder
Encode and decode URL components for query strings, callback URLs, Chinese text, spaces, reserved characters, and double-encoding checks.
- Choose whether you are handling a query value, path segment, full URL, redirect URL, or form-encoded field.
- Check spaces, plus signs, slashes, question marks, ampersands, and existing percent escapes before copying.
- Use the decoded output to confirm the target system will receive the intended value.
Static fallback example
The live URL Encoder workbench runs in the browser. If it does not load, use this static example to confirm the expected input and output pattern, then enable JavaScript or reload the page to run the tool.
The live workbench runs component-level encode/decode checks in the browser. The static example only shows the percent-encoding pattern; verify query values, full URLs, and form-encoded spaces separately.
About this tool
The URL Encoder and Decoder converts reserved characters to percent-encoded text and decodes encoded URL parts for inspection.
When this tool is useful
Use it when query parameters, redirect URLs, callback values, search strings, or copied links need to be encoded safely for transport.
Encode only the component that needs encoding. Encoding an entire URL can change separators such as colon, slash, question mark, and ampersand.
Input and output example
Input query value: Ymir Tool JSON
Encoded value: Ymir%20Tool%20JSON
Common mistakes
Double-encoding turns percent signs into %25 and can break callbacks or redirect parameters.
Plus signs and spaces are handled differently in some form-encoded query strings, so verify the target system's expected format.
Before copying the result
Confirm which layer you meant to encode: a full URL, path segment, query key, query value, fragment, callback URL, or form field. Encoding the wrong layer can break separators such as :, /, ?, =, and &.
Check for existing percent escapes before encoding again. Repeated encoding often appears as %25, %252F, or a callback URL that no longer redirects correctly.
FAQ
Should I encode the whole URL?
Usually no. Encode parameter values or path segments separately unless the target system asks for an encoded full URL.
Why did % become %25?
That usually means already encoded text was encoded a second time.
URL encoding workflow for query strings and callbacks
URL encoding protects reserved characters when values are placed in paths, query strings, fragments, redirects, and webhook payloads. The main risk is encoding the wrong layer: a full URL, a single parameter value, or a nested callback URL each needs different handling.
Recommended workflow
- Decide whether you are encoding a full URL or only a parameter value. Most bugs come from mixing these two tasks.
- Encode parameter values before appending them to a query string. Do not encode separators such as ?, &, and = unless they are part of the value itself.
- Decode suspicious URLs in stages when they contain nested redirect or callback parameters.
- Before using the result in production, compare the decoded value with the intended destination, path, and parameter list.
Example review
Input: https://example.com/search?q=red shoes&sort=newest
What to verify: The value red shoes becomes red%20shoes or red+shoes depending on the target context; the separators remain meaningful.
Common mistakes to check
- Double-encoding percent signs so %20 becomes %2520.
- Encoding an entire URL before placing it in an href attribute without understanding the context.
- Assuming + always means a literal plus sign; in form-style query parsing it often represents a space.
- Decoding untrusted redirect URLs without checking the final host.
Copying and verification standard
Before copying output from this page, compare the result with the original input and write down the reason the transformed value is acceptable. For developer utilities, this usually means checking field count, escaped characters, casing, whitespace, time unit, or syntax boundary rather than trusting that a visible result is automatically correct.
For repeatable work, save a short non-sensitive sample and the expected result. That gives you a quick regression example when a browser extension, copied rich text, cached script, or upstream data source changes the behavior you observe.
Operational FAQ
Should spaces become %20 or +?
Both appear in web workflows. %20 is the general percent-encoded form; + is common in application/x-www-form-urlencoded query processing.
Can this fix a broken redirect?
It can reveal whether a redirect parameter is encoded correctly, but you still need to verify the final destination and server-side parsing rules.
Review standards by context
The same tool can support several workflows, but each workflow needs a different acceptance check. Use the following context notes to decide whether the output is ready to copy or whether the source material needs another pass.
- Search query: Encode only the query value, then confirm separators such as ampersands and equals signs still divide parameters correctly.
- Redirect parameter: Decode in layers and verify the final host before trusting the link.
- Webhook callback: Preserve the receiving service’s exact expected format, including whether spaces should be plus signs or percent-encoded bytes.
When a value will be used in production documentation, an incident report, a customer reply, or a configuration change, keep the source value and the transformed value together. That record makes the tool result auditable instead of leaving only a copied output with no explanation.
A complete URL encoding review also checks the target parser. This tool can transform reserved characters, but it cannot know whether your framework expects %20 or + for spaces, whether a proxy will decode once, or whether a redirect parameter has already been encoded.
URL encoding workflow for query strings, path segments, and copied links
URL encoding mistakes usually happen because a value is encoded in the wrong context. A query parameter value, a path segment, a complete URL, and an application/x-www-form-urlencoded body do not have the same review rules. This page should help you encode deliberately instead of repeatedly applying percent encoding until a link appears to work.
Use the tool to inspect characters such as spaces, plus signs, ampersands, equal signs, slashes, non-ASCII text, and already-encoded sequences. The important review question is not only “did it encode?” but “was this exact component supposed to be encoded at this layer?”
Use the tool as a review workflow
- Decide the component first: full URL, query parameter name, query parameter value, path segment, fragment, or form body field.
- Encode raw values once. Do not feed an already encoded value back into the encoder unless you intentionally need nested encoding for another transport layer.
- For query strings, check separators. A raw & or = inside a parameter value can accidentally create a new parameter.
- For path segments, check slashes. A slash may be a path separator or part of a value that must become %2F.
- After decoding, compare the result with the expected raw value and confirm that plus signs and spaces were interpreted in the intended convention.
Three practical examples
| Scenario | Sample input | What to check before copying |
|---|---|---|
| Query parameter value | q=red shoes & socks | The value needs spaces and ampersand encoded so the query parser does not split it into another parameter. |
| Path segment | /files/2026/June report.pdf | Only the file-name segment should encode the space; existing path separators should remain separators. |
| Already encoded value | name=Alice%20Lee | Encoding again produces %2520, which usually indicates double encoding rather than a correct space. |
Common error table
| Symptom | Likely cause | How to confirm | Practical fix |
|---|---|---|---|
| Server receives truncated query value | A raw & or = inside the value was not encoded. | Inspect server logs or parsed parameters and compare with the original intended value. | Encode the parameter value before concatenating it into the query string. |
| Spaces alternate between + and %20 | Different APIs use percent encoding or application/x-www-form-urlencoded rules. | Check whether URLSearchParams, form submission, or encodeURIComponent produced the string. | Use one convention consistently for the receiving endpoint and document it. |
| %252F or %2520 appears | The percent sign from an existing encoded sequence was encoded again. | Decode once and see whether %2F or %20 remains. | Decode to the raw value before one final encode, or preserve the encoded value without another pass. |
| Slash changes routing | A path value containing / was placed into a path segment without encoding. | The router treats one intended segment as multiple segments. | Encode the segment value so / becomes %2F when it is data, not a separator. |
| Non-ASCII text fails in a legacy service | The receiver expects a specific character encoding or incorrectly decodes UTF-8 percent sequences. | Test a short known string such as café or 中文 and compare bytes. | Prefer UTF-8 and check the service documentation before adding workarounds. |
Security and privacy boundary
URLs often contain search terms, email addresses, internal resource IDs, signed links, campaign parameters, and access tokens. Encoding does not remove that sensitivity.
- Do not paste signed URLs, reset links, bearer tokens, internal admin paths, or customer query strings into shared examples.
- Remove secrets before copying encoded links into bug reports or documentation.
- Keep a note of whether a value was raw or already encoded when you received it.
- When debugging analytics or ad links, sanitize campaign IDs and private landing-page parameters before sharing.
Technical reference notes
Modern URL behavior combines the URL standard, JavaScript encoding functions, and form-urlencoded conventions. The safest workflow is to choose the correct component API rather than manually replacing characters.
- WHATWG URL Standard — URL parsing, URL APIs, and form-urlencoded behavior
- MDN encodeURIComponent() — component-level escaping behavior
- MDN URLSearchParams — query string utilities and iteration behavior
Copy result checklist
- Name the exact component you are encoding before pressing copy.
- Check for raw &, =, ?, #, /, +, and % characters in the source value.
- Decode once to confirm the final value matches the intended raw text.
- Look for %25 as a sign that an already encoded percent sequence may have been encoded again.
- Preserve query parameter order only if the receiving system or signature scheme requires it.
- Do not share signed or private URLs after encoding; encoding is not redaction.
Related guides for deeper review
Editorial update: 2026-06-01. This URL encoding page was expanded with query-value examples, double-encoding checks, component boundaries, and related URL guides to reduce copy and redirect mistakes.