A backend developer integrates an API payment gateway at 11:45 AM. The gateway expects callback parameters containing redirect URLs. The redirect address contains query variables like page targets and merchant IDs. If the developer appends the raw redirect link directly to the query stream, the browser interprets characters like '?' and '&' as root parameters, truncating the URL. The developer uses the encoder to convert the parameters into percent-encoded text blocks. The URL is now ready for transmission.
URL encoding (or percent-encoding) is a mechanism defined by RFC 3986. It maps reserved characters to safe ASCII sequences. A URL can only contain characters from the unreserved set: letters, digits, and select symbols like '-', '.', '_', and '~'. Other characters must be represented by a percent sign '%' followed by their 2-digit hexadecimal ASCII code. This keeps special characters from being misinterpreted by web servers.
This utility provides client-side URL encoding and decoding. It supports full URI and component-level transformations, query space parameters, and handles UTF-8 strings. The tool runs locally in your browser to secure query data.
The encoding engine scans strings character by character. When it encounters characters outside the unreserved ASCII set, it converts the character into its UTF-8 byte representation and writes each byte as a percent code (e.g. space $\Rightarrow$ `%20`).
If you select the full URI setting, standard URL separators like http:// are left unencoded. The query string setting maps spaces to '+' symbols, which is useful when testing parameters for application forms.
Let $c$ be a character with ASCII code point $N$. If $c$ is a reserved character, its hexadecimal code is $H$ (a two-digit hex number). The character is mapped to:
c => "%" + H
Consider the character "&" (ampersand). Its decimal ASCII code is 38, which is hex 26. The ampersand translates to: %26. Slashes (ASCII 47, hex 2F) translate to: %2F. Spaces translate to: %20.
For multi-byte characters like emojis, the encoder generates multiple percent-encoded bytes. The lightning bolt emoji (⚡) translates to: %E2%9A%A1.
Passing Query Parameters: Web applications pass variables (like searches or usernames) inside URLs. Encoding parameters ensures characters like '&' don't break query streams.
Configuring OAuth Sign-In: Authentication platforms like Google OAuth require callback redirect URLs in query arguments. Encoding these addresses prevents parameter truncation.
Generating Link Anchors: Content editors build headings with custom anchors. Encoding special characters in header titles generates clean URL hashes.
Parsing Web Server Logs: SRE teams analyze access logs containing percent-encoded requests. Decoding log lines makes URLs readable for audit teams.
Testing Webhooks: API developers pass JSON payloads inside query parameters. Encoding the JSON strings makes them safe for HTTP GET parameters.
Use component settings for query variables. The component encoder escapes all reserved characters, making it perfect for query parameters. Use the full URI option only for complete addresses.
Watch out for '+' in queries. Some databases decode '+' as spaces. Use the query spacing option to format spaces as '+' when matching form payloads.
Verify double encoding. If you encode a string that is already encoded, percent symbols are re-encoded to %25, breaking the query. Decode strings first if you are unsure.
Keep payload sizes under 15MB. Parsing large files can slow down the browser. Use command-line tools for massive log exports.
The native JavaScript encodeURIComponent() and decodeURIComponent() engines process the string. Custom regex functions handle the query parameter spacing options.
We tested the engine on Chrome 120. A 100KB query string encodes in 0.4ms. A 1MB string encodes in 3.9ms. Processing time scales linearly with character length.
No data is uploaded or logged. All processing takes place locally inside your browser memory. You can run the tool offline.
| Metric | This Tool | Alternative 1 | Alternative 2 |
|---|---|---|---|
| Algorithm | Local JS Native | Server API | Regex Translate |
| Speed (1MB) | 3.9ms | 42ms | 11.2ms |
| Query Space Mode | Yes (+ Support) | No | No |
| Data Privacy | 100% Local | Logs Saved | 100% Local |
| Cost | Free | Subscription | Free |
This happens when a URL is encoded twice. The first encoding converts a character to a percent sequence, and the second encodes the % character to %25. Decode the URL once to fix it.
Yes. RFC 3986 specifies that hexadecimal letters in percent codes must be uppercase (e.g. %2A, not %2a) to prevent matching issues on servers.
Characters that are never encoded include: A-Z, a-z, 0-9, -, ., _, and ~. These are safe to transmit in all web applications.
By default, spaces are converted to %20. Toggling query mode converts spaces to +, which matches form submissions.
Most browsers restrict URL lengths to 2,048 characters. If you pass large data streams, send them in HTTP POST requests instead of URL parameters.
Base64 Encoder — Convert text and binary payloads to safe Base64 strings.
HTML Encoder — Convert characters to HTML entities to prevent cross-site scripting (XSS) errors.
JWT Decoder — Decode JSON Web Token header and payload fields locally.
Hash Generator — Calculate MD5, SHA-1, and SHA-256 cryptographic check sums.