URL Decode
Decode percent-encoded (URL-encoded) text back into plain, readable characters.
Example
Decoding a percent-encoded query string:
Input: https%3A%2F%2Fexample.com%2F%3Fq%3Dhello%20world
Output: https://calccafe.com/?q=hello world
How it works
Paste percent-encoded text in the input pane; the tool runs decodeURIComponent live and shows the decoded result. Invalid escape sequences are reported in the status line.
Good to know
URL Decode takes percent-encoded text — the kind you see in links and query strings where spaces become %20 and other characters turn into sequences like %C3%A9 — and converts it back into the plain, readable characters it represents. It's aimed at developers, QA testers, support staff, and anyone who needs to make sense of a tangled URL pulled from a browser address bar, a log file, an analytics report, or an API request.
You'd reach for it whenever a link is unreadable because of encoding, or when you need to inspect what's actually being passed in a query parameter. Common cases include decoding a redirect URL nested inside another URL (for example a ?next= or ?redirect= value), reading UTM tracking parameters, debugging form submissions, or recovering accented and non-Latin text that got escaped during transport.
Reading the result is straightforward: the decoded text appears in the output pane, and the status line confirms how many characters were processed. If the input contains a broken escape, you'll instead see an "Invalid percent-encoding" message naming the malformed part rather than a partial or guessed result — the tool decodes the whole string or none of it.
One practical caveat: this tool uses decodeURIComponent, which decodes a single, complete encoded value. If you paste an entire URL where reserved characters like &, =, or / are themselves encoded inside one parameter, decode that parameter on its own to avoid confusing where one value ends and the next begins. Also note that a literal + stays a + here; in older form-encoded data a + means a space, so swap those manually if you're decoding that style of input.
Frequently asked questions
What is the difference between URL decoding and HTML decoding?
URL decoding converts percent-escapes like %20 and %C3%A9 back to characters using decodeURIComponent. HTML decoding handles entities like & or < instead, which this tool does not process.
Why do I get an 'Invalid percent-encoding' error?
decodeURIComponent throws on malformed escapes such as a lone % or %ZZ that is not followed by two valid hex digits. Fix or remove the bad sequence and the input will decode.
Is my data uploaded anywhere?
No — this tool runs entirely in your browser. Your input never leaves your device and it works offline once loaded.
Is it free?
Yes, completely free with no sign-up and no limits.
People also ask
What does %20 mean in a URL?
%20 is the percent-encoded form of a space character. URLs cannot contain raw spaces, so they are replaced with %20 (or sometimes a + in form data) and decoded back to a space when read.
How do I decode a URL with special characters like é or emoji?
Such characters are encoded as one or more bytes in UTF-8, each shown as a %XX pair (for example é becomes %C3%A9). A URL decoder reads those byte sequences and reconstructs the original character automatically.
Is decodeURIComponent the same as decodeURI?
No. decodeURIComponent decodes every percent-escape, including reserved characters like &, =, and /. decodeURI leaves those reserved characters encoded because it is meant for whole URLs rather than individual components.
Why does my decoded text still show + signs instead of spaces?
Percent-decoding treats + as a literal plus sign. The + as a space convention comes from application/x-www-form-urlencoded form data, so you would need to replace + with a space before or after decoding if your input uses that format.
Can I decode a URL more than once?
Yes, double-encoded values exist where a string was encoded twice (for example %2520 represents an encoded %20). You decode it repeatedly, running the output back through the decoder until no percent-escapes remain.
Is it safe to decode URLs containing tokens or passwords?
Decoding happens entirely in your browser and nothing is uploaded, so the input stays on your device. As a general practice, be cautious about exposing secrets like access tokens on shared screens regardless of where decoding occurs.
What characters need to be percent-encoded in a URL?
Characters outside the unreserved set (letters, digits, and - _ . ~) are typically encoded, including spaces, reserved characters used as delimiters, and any non-ASCII text. Encoding ensures the URL is transmitted without ambiguity.
Related tools