URL Encoder & Decoder
Encode and decode URLs, query parameters, and form values with percent-encoding modes for components, full URLs, and x-www-form-urlencoded data.
Interactive Client Prototype Sandbox
Disclaimer: This free tool is provided “as is,” without warranties of any kind, and is for general informational purposes only — not professional, legal, financial, medical, tax, or engineering advice. Results may contain errors; verify anything important independently and use at your own risk. We accept no liability for any loss or damage arising from its use. See our Terms of Use for details.
Step-by-Step Guide
Paste readable text, a query parameter value, or a full URL into the decoded input. The encoded output updates immediately. Use Component mode for individual parameter values such as a search term, redirect URL, or API filter. Use Full URL mode when you already have a complete URL and want to preserve characters like : / ? & = that have structural meaning. Use Form + mode for application/x-www-form-urlencoded data, where spaces are represented as + instead of %20.
To decode an existing encoded string, paste it into the encoded output box and click 'decode from this' or simply edit that side. If the string contains malformed percent escapes, the tool shows an error instead of silently changing the value.
Choosing the right mode
Component mode uses encodeURIComponent-style behavior and is the safest choice for query parameter values. Full URL mode uses encodeURI-style behavior and is intended for complete URLs, not arbitrary parameter values. Form + mode follows the common web form convention where spaces become +, useful when inspecting form posts or legacy query strings.
Decoded value: 'json formatter & validator' in Component mode becomes 'json%20formatter%20%26%20validator'. A full URL such as 'https://example.com/search?q=json formatter' in Full URL mode becomes 'https://example.com/search?q=json%20formatter' while preserving the URL's / ? and = characters. In Form + mode, 'hello world' becomes 'hello+world'.
Who it's for
Developers, QA testers, marketers, API users, and support teams debugging links, redirects, query strings, and tracking URLs.
Core Features
- Encode decoded text into percent-encoded URL-safe output.
- Decode percent-encoded strings back into readable text.
- Switch between Component, Full URL, and Form + encoding modes.
- Copy either side with one click and see character counts as you work.
- Runs entirely in your browser — pasted links and parameters are never uploaded.
🛡️ No tracking — your inputs, keys, and details never leave this client sandbox.
What is URL encoding?
URL encoding, also called percent-encoding, replaces characters that are unsafe or ambiguous in URLs with percent escapes. For example, a space becomes %20 and an ampersand becomes %26 when it is part of a parameter value rather than a separator between parameters.
Should I encode a full URL or just a component?
Encode a full URL only when the string is already a complete URL and you want to preserve structural characters like : / ? & and =. Encode a component when the value will be placed inside a query parameter, path segment, redirect field, or API parameter. Component encoding is usually the safer default for user-supplied values.
Why do spaces sometimes become + instead of %20?
In normal percent-encoding, spaces are represented as %20. In application/x-www-form-urlencoded data, commonly used by HTML forms and many legacy query strings, spaces are represented as +. This tool includes a Form + mode so you can work with that convention explicitly.
Does this tool upload my URLs?
No. Encoding and decoding use your browser's built-in URL encoding functions locally. Pasted URLs, query strings, redirect parameters, and tracking links never leave your device.
Why does decoding sometimes fail?
Decoding fails when the input contains an incomplete or invalid percent escape, such as a bare % sign or a truncated UTF-8 sequence. The tool reports the error so you can fix the original string instead of getting a misleading decoded result.
Why URL encoding exists
URLs have two jobs at once: they must be readable enough for humans to share, and strict enough for browsers, servers, analytics tools, and APIs to parse reliably. Characters like ?, &, =, /, #, and : are not just ordinary text inside a URL — they separate the scheme, path, query string, fragment, and key/value pairs. Percent-encoding solves the conflict by representing data characters as escape sequences when they would otherwise be mistaken for URL syntax.
The ampersand problem
The most common bug happens when a value contains a character that the URL parser treats as structure. Imagine a search value of 'research & development'. If that value is placed into a query string without encoding, the ampersand can be interpreted as the start of a new parameter. Encoded as 'research%20%26%20development', the ampersand remains part of the value. The same issue appears in redirect URLs, OAuth callback parameters, marketing UTM fields, and API filters.
Full URL vs component encoding
The difference between encoding a whole URL and encoding one component is important. A full URL needs to preserve slashes, colons, question marks, and equals signs because those characters define the URL itself. A component value usually needs those characters escaped because they are data, not structure. This is why JavaScript has both encodeURI and encodeURIComponent, and why this tool exposes separate modes instead of pretending there is only one kind of URL encoding.
Debugging encoded links safely
Encoded URLs often contain private or operational details: email addresses in support links, redirect destinations, analytics campaign names, API filters, or temporary tokens. Decoding them in a local browser tool is safer than pasting them into a server-side utility. The tool does not verify whether a URL is safe to visit or whether a redirect is trustworthy; it only translates the representation so you can inspect it accurately.