URL Encoder & HTML Entity Encoder

URL Decode Online: Percent Decode Tool

Decode percent-encoded URLs back to readable text. Converts %20 to spaces, %2F to slashes, and decodes UTF-8 sequences.

100% client-side. Your data never leaves your browser.

Related Tools

b64
Base64 Encode/Decode

Encode and decode Base64 strings online. Handles UTF-8 text, emoji, and binary data with full round-trip support. No server, no signup.

 sha
Hash Generator

Generate MD5, SHA-1, SHA-256, and SHA-512 hashes from text or files. Uses the browser's Web Crypto API for SHA hashes with a pure JS fallback for MD5.

URL Decode Online

The encoded string in this example decodes to https://example.com/search?q=café & résumé&page=1. Percent decoding is the reverse of percent encoding: each %XX sequence is converted back to its character. UTF-8 multi-byte sequences like %C3%A9 decode to their Unicode character (é). Use this when you are reading server logs, debugging redirects, or inspecting tracking URLs.

Where You Encounter Encoded URLs

Server access logs

Web servers log the raw request URI including any encoding. A user searching for “café” generates a log line like:

GET /search?q=caf%C3%A9 HTTP/1.1

When you scan logs for specific query values, you may need to match either the encoded or decoded form. Paste the raw log URL here to see what the user actually requested.

Redirect and tracking parameters

Email tracking links and ad networks nest entire URLs inside query parameters. The inner URL gets percent encoded, sometimes multiple times:

https://click.example.com/track?url=https%3A%2F%2Ftarget.com%2Fpath%3Futm_source%3Demail

Decoding the outer URL reveals the destination. If the inner URL is also encoded (double encoding), decode again.

API debug output

Tools like curl -v and browser network panels sometimes display URLs in encoded form. If you are reading an API response that contains a URL as a string value in JSON, it may be percent encoded.

Copy-pasting from browser address bars

Modern browsers display decoded URLs in the address bar for readability, but the actual URL sent in the HTTP request is encoded. Copying from the address bar gives you the human-readable form; copying from developer tools network panel gives you the raw encoded form.

Decoding in Code

JavaScript

// Decode a full URL (leaves structural characters like / and ? intact)
decodeURI("https%3A%2F%2Fexample.com%2Fsearch%3Fq%3Dcaf%C3%A9")
// → "https%3A%2F%2Fexample.com%2Fsearch%3Fq%3Dcafé"
// Note: %3A, %2F, %3F are not decoded because they are reserved characters

// Decode a component value (decodes everything including reserved characters)
decodeURIComponent("https%3A%2F%2Fexample.com%2Fsearch%3Fq%3Dcaf%C3%A9")
// → "https://example.com/search?q=café"

// Handle + as space in query strings
const params = new URLSearchParams("q=caf%C3%A9+%26+r%C3%A9sum%C3%A9");
params.get("q"); // → "café & résumé"

The practical rule: use decodeURIComponent when you have a parameter value extracted from a URL. Use decodeURI when you want to make a full URL readable while keeping its structure intact.

Python

from urllib.parse import unquote, unquote_plus

# Decode %XX sequences
unquote("caf%C3%A9")
# → "café"

# Decode %XX sequences and convert + to space
unquote_plus("caf%C3%A9+latte")
# → "café latte"

# Parse query string into a dict (handles all encoding automatically)
from urllib.parse import parse_qs
parse_qs("q=caf%C3%A9+%26+r%C3%A9sum%C3%A9")
# → {"q": ["café & résumé"]}

Command line

# Python one-liner for quick decoding
python3 -c "from urllib.parse import unquote; print(unquote('caf%C3%A9'))"

# Node.js one-liner
node -e "console.log(decodeURIComponent('caf%C3%A9'))"

Double-Encoded URLs

Double encoding happens when an already-encoded string gets encoded again. The percent sign % encodes to %25, turning %20 into %2520.

Original:         hello world
Encoded once:     hello%20world
Encoded twice:    hello%2520world

This shows up in middleware chains where each layer encodes its output without checking if encoding was already applied. You will also see it when building URLs by string concatenation, where one segment was already encoded.

To recover the original value, apply the decoder twice. To diagnose it, look for %25 in an encoded string: if the next two characters are hex digits, the string was double-encoded at that position.

Path Encoding vs Query String Encoding

The RFC 3986 URI specification treats different parts of a URL differently:

ComponentStructural delimitersTypical encoding
Path/ separates segmentsEncode data slashes as %2F
Query string& separates pairs, = separates key/valueEncode data & and = as %26 and %3D
Fragment# starts the fragmentEncode # as %23

The space character has two encodings in query strings: %20 (strict percent encoding per RFC 3986) and + (HTML form encoding). Both are in common use. %20 is always safe. + is only correct in the query string context, never in the path.

For encoding URLs correctly when building them in code, use URL Encoder rather than manual string manipulation.