Herramienta browser-only
Codificador y decodificador URL
Usa percent-encoding para URLs validas, no para ocultar informacion sensible.
Advertencia: la codificacion URL no es cifrado. No pongas contrasenas, tokens ni identificadores privados en URLs.
Esperando entrada.
Casos utiles y peligrosos de codificacion URL
Useful for:
- Query parameter values.
- Redirect URL parameters.
- Debugging API calls.
- Preserving special characters in URL components.
Do not use for:
- Hiding secrets.
- Protecting tokens.
- Sanitizing untrusted redirects by itself.
Safer alternatives:
- Use POST bodies or secure headers for sensitive values.
- Validate redirect targets on the backend.
Privacidad y limitaciones
URL encoding and decoding runs locally in your browser. This static page does not upload input.
- URL encoding is not encryption and does not hide sensitive data.
- Do not put passwords, tokens, or private identifiers in URLs because URLs can appear in logs, browser history, and analytics.
- This tool handles text values and URL components; full URL validation can require application-specific rules.
FAQ
Is URL encoding secure?
No. URL encoding only makes characters safe for URLs. It does not encrypt or protect the data.
When should I encode a URL component?
Encode query parameter values, path parts, or redirect targets when special characters could break URL syntax.
Why should secrets not be placed in URLs?
URLs can be stored in browser history, server logs, referrer headers, analytics tools, screenshots, and support tickets.
What is the difference between URL encoding and Base64?
URL encoding escapes characters for URL syntax. Base64 represents bytes as text. Neither one provides secrecy.
Can decoding fail?
Yes. Invalid percent sequences or malformed UTF-8 can fail to decode correctly.