Difference between Url Encode and HTML encode

Question

What’s the difference between an URL Encode and a HTML Encode?

URL encode will encode characters so that they are valid for URLs. E.g. `?` becomes `%3F` HTML encode will encode characters so they are valid for HTML. E.g. `<` becomes `<` — Matt Ellen, Nov 28 '09 at 13:00
If you want to encode for use in a URL, you use URL encoding. If you want to encode for display on an HTML page, you HTML encode it — Mitch Wheat, Nov 28 '09 at 13:00
Related post -[application/x-www-form-urlencoded or multipart/form-data?](https://stackoverflow.com/q/4007969/465053) — RBT, Nov 27 '21 at 09:46

score 94 · Accepted Answer · answered Nov 28 '09 at 13:01

94

HTML Encoding escapes special characters in strings used in HTML documents to prevent confusion with HTML elements like changing

"<hello>world</hello>"

to

"&lt;hello&gt;world&lt;/hello&gt;"

URL Encoding does a similar thing for string values in a URL like changing

"hello+world = hello world"

to

"hello%2Bworld+%3D+hello+world"

answered Nov 28 '09 at 13:01

Mehrdad Afshari

414,610
91
852
789

18

HTML encoding and URL encoding do fundamentally different things. If you HTML encode, for instance, 'hello world' and try to add it to a url, you will get an invalid url. Both are important, and should be used for different situations. – Neil Jul 28 '14 at 16:05
1

Just had to go through and replace several HtmlEncode usages for encoding urls with UrlEncoding, problems with encoding of spaces and some other special characters – PJUK Nov 03 '15 at 12:37
Beware, using HtmlEncode in lieu of UrlEncode can be problematic for URLs since HtmlEncode puts "&" characters all over your string. Depending on what your web service receiving the URL is expecting, a few extra "&" characters can be very problematic. For instance, if your web service is expecting each parameter in a URL to be preceded by a "&" character, but you used HtmlEncode which added in a bunch of extra "&" characters, you will likely get an error when your web service attempts to interpret the URL. I just had to replace several uses of HtmlEncode with UrlEncode for this very reason. – jdnew18 Jul 31 '18 at 13:36
3

Please don't listen to Phill. I find it impossible to believe he is using query strings and creating modern urls using HtmlEncode instead of UrlEncode. Saying UrlEncode is mostly useless is one of the most absurd things I've seen in a while on this site. – Nard Dog Jan 22 '19 at 21:48

score 26 · Answer 2 · edited Jan 28 '21 at 02:01

urlEncode replaces special characters with characters that can be understood by web browsers/web servers for the purpose of addressing... hence URL. For instance, spaces are replaced with %20, ' = %27 etc...

See these references:

HtmlEncode replaces special characters with character strings that are recognised by the HTML engine itself to render the content of the page - things like & become & or < = <, > = > this prevents the HTML engine from interpreting these characters as parts of the HTML markup and therefore render them as if they were strings.

See this reference:

http://msdn.microsoft.com/en-us/library/ms525347.aspx

Actually URLEncode replaces spaces with +, which can be a problem in some situations. — NetMage, Mar 06 '17 at 22:06

score 13 · Answer 3 · answered Jan 02 '09 at 04:24

Both HTML and URL's are essentially very constrained languages. As a language they add meaning to specific keywords or operators. For both of these languages though, keywords are almost always single characters. For example

HTML: > and <
URL: / and :

In the use of each language though it is possible to use these constructs in a manner that does not ensure the meaning of the language. For instance this post contains a > character. I do not want it to be interpreted as HTML, just text.

This is where Encode and Decode methods come into play. These methods will respectively take a string and convert any of the characters that would otherwise be treated as keywords into an escaped form which will not be interpreted as part of the language.

For instance: Passing > into HtmlEncode will return >

score 3 · Answer 4 · answered Jan 02 '09 at 04:22

HTMLEncode and URLEncode deal with invalid characters in HTML and URLs, or more accurately, characters that need to be specially written to be interpreted correctly. For example, in HTML the < and > characters are used to indicate tags. Thus, if you wanted to write a math formula, something like 1+1 < 2+2, the '<' would normally be interpreted as the beginning of a tag. HTMLEncoding turns this character into "<" which is the encoded representation of the less-than sign. URLEncoding does the same, but for URLs, for which the special characters are different, although there is some overlap.

score 2 · Answer 5 · edited Jun 20 '20 at 09:12

I don't know what language you are working in, but the PHP manual for example provides good explanations.

URLEncode

Returns a string in which all non-alphanumeric characters except -_. have been replaced with a percent (%) sign followed by two hex digits and spaces encoded as plus (+) signs. It is encoded the same way that the posted data from a WWW form is encoded, that is the same way as in application/x-www-form-urlencoded media type. This differs from the » RFC 1738 encoding (see rawurlencode()) in that for historical reasons, spaces are encoded as plus (+) signs.

Read on

Difference between Url Encode and HTML encode

5 Answers5

Linked

Related