What Is URL Encoding? (Percent-Encoding Explained)
URL encoding (officially called percent-encoding) converts characters that are not allowed or have special meaning in a URL into a % followed by two hexadecimal digits. For example, a space becomes %20 and an ampersand becomes %26. This ensures URLs are transmitted correctly through web infrastructure.
Why URL Encoding Exists
URLs can only contain a limited set of ASCII characters. Characters outside this set, and characters with special structural meaning (like ?, &, =, #), must be encoded when used as data inside a URL. Without encoding, a parameter value containing & would break the query string parsing.
Reserved vs Unreserved Characters
Unreserved characters (A–Z, a–z, 0–9, -, _, ., ~) are never encoded. Reserved characters (!, *, ', (, ), ;, :, @, &, =, +, $, ,, /, ?, #, [, ]) have structural meaning in URLs and must be encoded when they appear as literal data. Encoding maps each byte to its hexadecimal representation prefixed by %.
encodeURI vs encodeURIComponent
encodeURI() encodes a complete URL, leaving structural characters (/, :, ?, &, =, #) intact. Use it to sanitize full URLs. encodeURIComponent() encodes everything except unreserved characters — including structural characters. Use it for individual query parameter values. For example, encodeURIComponent('a&b=c') → 'a%26b%3Dc'.
Form Encoding vs URL Encoding
HTML forms use application/x-www-form-urlencoded, which is similar to URL encoding but encodes spaces as + instead of %20. When parsing form data received in a POST body, use form-specific parsers. When constructing URLs programmatically, always use standard percent-encoding.