URL Encoding: Why and How to Encode Characters in a URL

What is URL encoding (percent-encoding), when to use it in query strings and paths. Reserved characters, spaces and best practices.

February 4, 20262 min readURL Encode/Decode
Development

URL encoding (percent-encoding) means replacing characters that aren’t safe or have special meaning with a % followed by two hex digits. That lets you send spaces, symbols and non-ASCII characters in query strings and paths without breaking the URL structure.

Why encode?

In a URL, characters like &, =, ?, #, / and space have special meaning. If a parameter value contains e.g. a&b, the server might treat a and b as separate parameters. Encoding turns a&b into a%26b so it’s treated as one value. The same applies to spaces (encoded as %20 or + in query strings), accents and Unicode: they must be encoded so the URL is valid and not misread.

Where it’s used

  • Query strings: ?name=John%20Doe&search=c%23 — values with spaces, &, = or special characters must be encoded.
  • Path segments: if a segment has spaces or reserved characters, encode it (e.g. /search/hello%20world).
  • Forms: with GET, fields are sent in the URL and the browser usually encodes them; with POST and application/x-www-form-urlencoded the same encoding is used.
  • Links and APIs: when building URLs in code (e.g. for a link or request), use the language’s encode function (encodeURIComponent in JavaScript for parameter values, not the full URL).

How to encode and decode

An online URL encoder/decoder lets you paste a URL or text and get the encoded or decoded version. Use it to debug parameters, build correct links or understand a URL full of %XX. In code, don’t concatenate by hand: use encodeURIComponent() for query values in JavaScript and your language’s URL utilities to avoid bugs and security issues.

Frequently asked questions

What does it mean to encode a URL?
Converting characters that aren’t allowed or have special meaning in a URL (spaces, &, =, ?, etc.) into %XX sequences where XX is the character’s hex code. That keeps the URL valid and avoids misinterpretation.
When should I encode parameters?
Whenever a query value contains spaces, &, =, ?, #, / or non-ASCII characters. If you don’t encode, the browser or server may misparse parameters or truncate the value.
Space as %20 or +?
In query strings (application/x-www-form-urlencoded) space is often sent as +. In the path and other contexts %20 is used. When decoding, both + and %20 become a space. A URL encoder usually offers the option depending on context.
Encode the whole URL or just parameters?
Only the parts that need it: typically query parameter values and sometimes path segments if they contain special characters. The scheme (https://), host and delimiters (?, &, =) are not encoded as if they were free text.

Did you like this article?

Share it with your network

TwitterLinkedInFacebook

Ready to use our tools?

Try our free tools with no sign-up. JSON formatter, JWT Decoder, password generator and more.

View all tools