Percent-encode text for URLs and query strings, or decode it back
Type plain text on the left to percent-encode it for safe use in a URL, or paste encoded text on the right to decode it. A toggle lets you choose between encoding a single value and encoding a whole URL — a distinction that trips a lot of people up.
URLs are only allowed to contain a limited set of characters — letters, digits, and a handful of symbols. Anything else (a space, an accented letter, or a character that has special meaning in a URL like &, ?, = or /) has to be percent-encoded: replaced with a % followed by its byte value in hexadecimal. A space becomes %20; an ampersand becomes %26. Non-English characters are first turned into their UTF-8 bytes, then each byte is percent-encoded.
This is the key decision:
& = ? / too, because inside a value they're just data. Use this most of the time.: / ? & = alone so the URL still works. Use it only when you have a whole address to clean up.& and = are escaped so they aren't mistaken for query structure.Both appear. In the path and most URLs a space is %20. In HTML form submissions (application/x-www-form-urlencoded) a space is traditionally encoded as +. If you're building a query string by hand, prefer %20; when reading form data, treat + as a space.
Encode each value with encodeURIComponent and assemble the URL from the pieces. Use encodeURI only when you already have a full URL string to make safe. Encoding a full URL with encodeURIComponent would break it by escaping the :// and ?.
No. Like Base64, it's a reversible representation with no secret — anyone can decode it (this tool will). It only makes text safe to put in a URL; it hides nothing.
The input has a stray % not followed by two valid hex digits, so it isn't valid percent-encoding.
:// and separators) or, conversely, failing to encode a value that itself contains & or =. Encode individual values, then build the URL.