Free2BoxFree2Box

URL 编解码

URL 编码和解码

原始文字
输入要编码的文字
编码结果
URL 编码后的字串

建议下一步

1

URL 解析器

将 URL 分解为各个组成部分

相关工具

Base64 编解码工具

快速将文字编码为 Base64 格式,或将 Base64 解码回原始文字。

HTML 实体编码 / 解码

将特殊字符编码为 HTML 实体或将其解码还原

字符串转义 / 还原

为 HTML、JSON、JavaScript、SQL 等格式转义和还原字符串

进制转换器

在二进制、八进制、十进制和十六进制之间转换

时间戳转换器

在 Unix 时间戳和可读日期之间转换

ASCII / Unicode 查询

搜索和查询 ASCII 与 Unicode 字符码

使用方法

1

粘贴或输入内容

在输入区域输入您的文字、代码或数据。

2

选择选项

选取要应用的转换方式或格式。

3

复制结果

一键将输出结果复制到剪贴板。

为什么使用此工具

100% 免费

没有隐藏费用,没有付费等级——所有功能完全免费。

无需安装

完全在浏览器中运行。无需下载或安装任何软件。

隐私且安全

您的数据永远不会离开您的设备。不会上传至任何服务器。

支持移动设备

完全响应式设计——在手机、平板或桌面电脑上均可使用。

URL Encoding: Percent-Encoding for Safe Web Addresses

Key Takeaways

  • URL encoding (percent-encoding) replaces unsafe characters with %XX hex values to ensure URLs are transmitted correctly.
  • Spaces, ampersands, question marks, and non-ASCII characters all require encoding when used in URL parameters.
  • All encoding and decoding is performed in your browser — no data is sent to any server.

URLs can only contain a limited set of ASCII characters. When you need to include spaces, special characters, or Unicode text in query parameters or path segments, URL encoding (also called percent-encoding) converts them into a universally safe format. Proper URL encoding prevents broken links, security vulnerabilities, and data corruption in web applications.

Improper URL encoding is among the OWASP Top 10 causes of web application injection vulnerabilities.

Security Impact

Key Concepts

1

Reserved vs. Unreserved Characters

RFC 3986 defines unreserved characters (A-Z, a-z, 0-9, -, _, ., ~) that need no encoding. Reserved characters (: / ? # [ ] @ ! $ & ' ( ) * + , ; =) have special meaning in URLs and must be encoded when used as data.

2

encodeURI vs. encodeURIComponent

encodeURI() encodes a full URI but preserves reserved characters. encodeURIComponent() encodes everything except unreserved characters, making it correct for encoding individual query parameter values.

3

Unicode and UTF-8 Encoding

Non-ASCII characters (Chinese, Arabic, emoji) are first converted to UTF-8 bytes, then each byte is percent-encoded. The character '日' becomes %E6%97%A5.

4

Double Encoding Pitfalls

Double encoding occurs when already-encoded values are encoded again (% becomes %25). This creates broken URLs and is a common source of bugs in URL construction.

Pro Tips

Always use encodeURIComponent() for query parameter values, never encodeURI() — the latter will not encode & and = characters.

Decode URLs before displaying them to users for readability, but always keep them encoded in HTTP requests.

Be careful with the '+' character — in query strings it represents a space (application/x-www-form-urlencoded), but in path segments it is literal.

Test URL encoding with international characters (CJK, Arabic, emoji) to ensure your application handles multibyte UTF-8 correctly.

All URL encoding and decoding is performed entirely in your browser. Your URLs and query parameters are never sent to any external server.

Sources

常见问题