What is URL encoding?
URL encoding (also called percent-encoding) is a mechanism for encoding arbitrary data in a URI by replacing unsafe characters with a percent sign (%) followed by two hexadecimal digits representing the byte value. RFC 3986 defines which characters are allowed literally in a URL and which must be encoded.
A URL can only contain a limited set of characters defined as safe by RFC 3986: unreserved characters (A–Z, a–z, 0–9, hyphen, underscore, period, tilde) may appear literally. Reserved characters (; : @ & = + $ , / ? # [ ] !) have structural meaning in URLs (separating scheme, host, path, query, fragment) and must be percent-encoded when they appear as literal data rather than delimiters. Everything else — spaces, non-ASCII Unicode, control characters — must be encoded.
A space becomes %20 (or + in the query string for historical reasons). An ampersand in a query value becomes %26. The string "hello world" becomes "hello%20world" in a path or "hello+world" in an application/x-www-form-urlencoded query string. The accented character é (U+00E9) is encoded as %C3%A9 in UTF-8, because Unicode characters must be UTF-8 encoded first, then each byte percent-encoded.
JavaScript provides encodeURIComponent() for encoding individual values (encodes everything except unreserved characters) and encodeURI() for encoding a full URI (leaves reserved characters literal). The counterparts are decodeURIComponent() and decodeURI(). Most languages offer similar pairs.
Double-encoding is a common mistake: encoding an already-encoded string produces %2520 instead of %20 for a space. Always decode before encoding to avoid this.
URL encoding matters for query parameters (user input containing &, =, or # would break the query string structure), path segments (filenames with spaces or slashes), form submissions, and link construction in templates.
quickhelp.dev's URL Encoder encodes and decodes strings and shows the full percent-encoding table for reference.