Home/Glossary/URL Encoding (Percent Encoding)

URL Encoding (Percent Encoding)

A mechanism for encoding special characters in URLs using percent signs followed by hexadecimal values.

EncodingAlso called: "percent encoding", "url escape"

URLs can only contain certain characters, so special characters must be encoded.

Why encoding is needed

  • Spaces, slashes, and symbols have special meanings in URLs.
  • Non-ASCII characters (é, ñ, 中) need encoding for compatibility.
  • Prevents security issues from malformed URLs.

Common encodings

  • Space: %20 or +
  • Forward slash: %2F
  • Question mark: %3F
  • Ampersand: %26
  • Hash: %23

Security implications

  • Double encoding can bypass filters: %252F becomes %2F becomes /.
  • URL encoding used in XSS, SQL injection, and path traversal attacks.

Related Tools

Related Articles

View all articles
HTML Encoder/Decoder

HTML Encoder/Decoder

Encode and decode HTML entities for safe display in web pages with special character handling

Read article →
URL Encoder/Decoder

URL Encoder/Decoder

Encode and decode URLs and query strings for safe transmission with special character handling

Read article →
What is URL Encoding (Percent Encoding) and Why Is It Necessary?

What is URL Encoding (Percent Encoding) and Why Is It Necessary?

Learn about URL encoding (percent encoding) - the essential web standard that makes special characters safe in URLs. Discover why spaces become %20 and how encoding prevents broken links.

Read article →
What is Base64 Encoding and How Does It Work?

What is Base64 Encoding and How Does It Work?

Learn the technical details of Base64 encoding, how it converts binary data to ASCII text, and why it

Read article →

Explore More Encoding

View all terms

Base64 Encoding

A binary-to-text encoding scheme that converts binary data into ASCII characters for safe transmission over text-based protocols.

Read more →
Back to glossary