Just File Tools

URL Encoder/Decoder

Percent-encode or decode URLs and query strings

Encoding mode:

How to URL Encoder/Decoder Online

Convert text to and from percent-encoded (URL-encoded) form using the browser's built-in encoder.

  1. Paste the text or URL you want to encode or decode into the input field.
  2. Choose an encoding mode: pick "Component" for query-string values and "Full URI" when working with an entire URL you want to keep navigable.
  3. Click "Encode" to percent-escape unsafe characters, or "Decode" to convert `%XX` sequences back to readable text.
  4. Review any error message — invalid `%XX` sequences in the input are reported with the position so you can fix them.
  5. Use the "Copy" button to put the output on your clipboard.
  6. Click "Clear" to reset both fields and start over with new input.

About URL Encoder/Decoder

Percent-encoding (often called "URL encoding") is the rule that lets URLs carry characters that would otherwise be ambiguous. The URL standard reserves a handful of punctuation marks — `/`, `?`, `#`, `&`, `=`, `+` — for structural duties like separating the path from the query string. When you need to put any of those characters inside a parameter value, or include spaces, emoji, or non-ASCII letters, each unsafe byte is replaced with `%` followed by its two-digit hexadecimal value. The result is a string that travels safely through any standards-compliant parser.

The two encoders that JavaScript ships with do subtly different things. `encodeURIComponent` is the strict version: it escapes every character that has any URL meaning, which is what you want when assembling a query parameter value, an OAuth redirect, or an `href` attribute that includes user input. `encodeURI` is the lenient version: it leaves the reserved structural characters alone so that a whole URL like `https://example.com/search?q=hello world` still resolves to a valid URL after encoding. Mixing them up is a common source of bugs — using `encodeURI` on a value that itself contains an ampersand will silently break the surrounding query string.

This tool gives you both modes side by side and uses the browser's exact implementations, so the result is identical to what your server-side or client-side code would produce. Decoding goes through `decodeURIComponent` and `decodeURI` respectively, and an invalid escape sequence (for example, `%ZZ` or a truncated `%4`) produces a clear error rather than silently garbled text.

A practical use case: you copy a webhook URL out of a vendor's dashboard and the path contains `%2F` and `%3D`. Pasting it into the decoder reveals the underlying filename and token. Going the other way, you have a search phrase like `a + b = c` that you need to drop into an analytics URL — encoding it yields `a%20%2B%20b%20%3D%20c`, which round-trips reliably.

Everything happens in your browser. The encoder and decoder are native JavaScript functions that have no network access. Nothing is logged, stored, or transmitted.

Related Tools

HTML Entity Encoder/Decoder
Escape or unescape HTML entities like &, <, >
Base64 Encode/Decode
Encode text to Base64 or decode Base64 to text
JSON Formatter
Format, validate, and beautify JSON data

Frequently Asked Questions

What is the difference between encodeURI and encodeURIComponent?

`encodeURI` is meant for whole URLs and leaves reserved characters like `:`, `/`, `?`, `#`, `&`, and `=` untouched, so the URL still works. `encodeURIComponent` escapes those characters too, which is what you want when embedding a value inside a query string (for example, encoding `a=1&b=2` so it becomes a literal value rather than two parameters).

Why are spaces sometimes shown as `+` and other times as `%20`?

In the `application/x-www-form-urlencoded` flavor used for form submissions, spaces are encoded as `+`. In modern URL components (RFC 3986), spaces become `%20`. This tool produces `%20` because that is what the browser's built-in `encodeURIComponent` returns. Both are normally decoded back to a space by servers that follow either spec.

Which characters get percent-encoded?

Anything outside the unreserved set: ASCII letters, digits, and the four punctuation marks `- _ . ~`. Everything else, including most punctuation, all non-ASCII text, and all control characters, gets converted to one or more `%XX` bytes representing the UTF-8 encoding of that character.

I see `%C3%A9` in a URL — is that wrong?

No. That is the UTF-8 encoding of the letter `é`: the byte `0xC3 0xA9`. Each byte becomes one `%XX` token. Decoding it returns `é` correctly because modern browsers and servers treat percent-escaped bytes as UTF-8 by default.

Can I decode a URL that has malformed escape sequences?

No. If a `%` is followed by anything other than two hex digits, or the resulting bytes are not valid UTF-8, the decoder throws a `URIError`. This tool surfaces that as a clear error message so you can fix the input rather than silently producing garbled text.

Is my input sent to a server?

No. The encoder calls the browser's built-in `encodeURI` / `encodeURIComponent` and `decodeURI` / `decodeURIComponent` functions — there is no network request. You can verify this in your browser's DevTools network tab.