What is URL Encoding?
URL encoding (also called percent encoding) converts characters into a format that can be safely transmitted over the internet. Special characters are replaced with a "%" followed by two hexadecimal digits representing the character's ASCII code.
Common Use Cases
- Query Parameters: Encode values in URL query strings
- Form Data: Encode form submissions sent via GET requests
- API Requests: Safely pass parameters to API endpoints
- Search Queries: Encode search terms with special characters
- File Names: Create URL-safe file names and paths
- OAuth & Authentication: Encode redirect URLs and tokens
Characters That Need Encoding
- Space: %20 (or +)
- ! %21
- " %22
- # %23
- $ %24
- % %25
- & %26
- ' %27
- = %3D
- ? %3F
- @ %40
Safe Characters (No Encoding Needed)
The following characters don't need encoding: A-Z, a-z, 0-9, - (hyphen), _ (underscore), . (period), ~ (tilde)
Examples
Input: Hello World!
Encoded: Hello%20World%21
Input: user@example.com
Encoded: user%40example.com
Input: price=$100 & tax=10%
Encoded: price%3D%24100%20%26%20tax%3D10%25
Best Practices
- Always encode user input before adding it to URLs
- Encode each query parameter value separately
- Don't double-encode already encoded strings
- Use proper encoding for different URL parts (path vs query)
- Be aware that + can represent space in query strings