What is URL encoding?
URL encoding (also called percent-encoding) replaces characters that
aren't safe to include in a URL — spaces, ampersands, slashes when they're
data — with %XX escape sequences, where XX is the
hex byte value. For example, a space becomes %20 and
& becomes %26.
Component vs whole URI
- Component (the default — uses
encodeURIComponent) escapes everything that isn't safe in a query parameter value. This is what you want when encoding a single value to drop into?param=…. - Whole URI (uses
encodeURI) preserves reserved characters like:,/,?,&, and#so the URL stays a valid URL. Use this when you have a complete URL with spaces or unicode that needs cleaning up.
Common gotchas
-
+is not the same as%20in all contexts. In query strings, both decode to a space; in path segments,+is literal. When in doubt, use%20. -
Double-encoding (encoding something that's already encoded) turns
%20into%2520. If your decoded output looks weird, try decoding it twice.
Is my data private?
Yes. Encoding and decoding use the browser's built-in
encodeURIComponent / decodeURIComponent primitives.
Nothing leaves your device.