Question 1

What is URL encoding and when do I need it?

Accepted Answer

URL encoding (percent-encoding) converts characters that are not allowed in URLs into a safe format. Spaces become %20, & becomes %26, and so on. You need it when passing query parameters, embedding special characters in a URL, or constructing API request URLs by hand. Most frameworks handle this automatically, but knowing how to encode/decode manually is essential for debugging HTTP requests.

Question 2

What is Base64 encoding used for?

Accepted Answer

Base64 encodes binary data (images, files, bytes) as ASCII text, making it safe to transmit over text-based protocols. Common uses include embedding images as data URIs in CSS (background-image: url("data:image/png;base64,...")), encoding binary payloads in JSON APIs, MIME email attachments, and storing binary data in environment variables. Base64 is not encryption — it is trivially reversible and provides no security.

Question 3

What is HTML entity encoding?

Accepted Answer

HTML entity encoding converts characters that have special meaning in HTML into safe equivalents: < becomes <, > becomes >, & becomes &, and " becomes ". This prevents browsers from interpreting user-supplied content as HTML markup or JavaScript, which is the primary defense against cross-site scripting (XSS) attacks. Any time you render user input in HTML, it should be entity-encoded.

Question 4

Is encoding the same as encryption?

Accepted Answer

No. Encoding transforms data into a different format for compatibility or transmission — it is fully reversible with no key required. Encryption transforms data to protect it from unauthorized reading — reversing it requires a secret key. Base64, URL encoding, and HTML entities are all encoding schemes, not security mechanisms. Never use encoding to protect sensitive data; use proper encryption instead.

Encoding	Input	Encoded output	Common use
URL encode	hello world & more	hello%20world%20%26%20more	Query strings, form data, API params
HTML entities	<script>alert(1)</script>	<script>alert(1)</script>	Preventing XSS in HTML output
Base64	Hello, World!	SGVsbG8sIFdvcmxkIQ==	Binary data in text, email attachments, data URIs
Unicode escape	café	\u0063\u0061\u0066\u00e9	JSON strings, JavaScript source, i18n

String Encoder/Decoder

Encoding Types

URL Encoding

HTML Entities

Base64

Unicode Escape

String Encoding Reference

Frequently Asked Questions

Related Tools

Code Beautifier

JSON Formatter

Base64 Encoder