Why does my JSON break the URL when I paste it directly into a query string?

JSON contains characters that are reserved in URL syntax: { } [ ] " : , # & = and space. When a browser or HTTP client parses the URL, these characters are interpreted as URL structure rather than query parameter values, fragmenting the JSON into multiple broken parameters. Percent-encoding converts each reserved character into its %XX hex escape, producing a single opaque string that survives URL parsing intact.

Should I encode JSON in a query parameter or use a POST request body instead?

For read operations (search, filter, GET requests) encoding JSON in the URL query string is fine. For write operations, sensitive data, or JSON larger than about 2 KB, use a POST/PUT request with the JSON in the body and Content-Type: application/json. URLs have practical length limits: around 2,000 characters for safe cross-browser/server support: so large JSON objects encoded in a URL may exceed that.

What is the URL length limit and how many characters of JSON can I safely encode?

The de-facto safe limit is 2,048 characters total URL length (RFC 7230 recommends servers accept at least 8,000, but many proxies and CDNs cap at 2,048–4,096). A percent-encoded JSON character expands to 3 characters (%XX), so a 500-byte JSON object could become 1,500+ encoded characters. For JSON objects larger than about 400–500 bytes, a POST request body is more reliable.

Does this tool validate the JSON before encoding it?

Yes. The input is parsed with JSON.parse before encoding. If your JSON is malformed: missing quotes, trailing comma, unescaped characters: you will see a specific parse error. Fix the JSON first using the JSON Formatter or JSON Repair tool, then encode.

Is percent-encoding the same as Base64 encoding?

No. Percent-encoding replaces unsafe characters with %HH hex pairs: the output is still somewhat human-readable (%22name%22 is clearly "name"). Base64 converts binary data into alphanumeric characters: the output is opaque (eyJuYW1lIjoiYWxpY2UifQ==). Percent-encoding is the correct choice for URL query parameters because servers decode it automatically. Base64 is used for embedding binary in text contexts (email attachments, JWTs, data URIs).

Can I encode JSON arrays in a URL, not just objects?

Yes. Any valid JSON value: object, array, string, or number: can be percent-encoded and placed in a URL parameter. For example, ?ids=%5B1%2C2%2C3%5D decodes to [1,2,3]. However, many frameworks (Express, Django, Rails) parse array query parameters differently from JSON-encoded arrays, so check your server's convention. If the server expects ?ids[]=1&ids[]=2, encoding a JSON array is the wrong approach.

Does the encoded string need encodeURIComponent or encodeURI?

Use encodeURIComponent (what this tool uses) for encoding JSON that goes into a query parameter value. encodeURI leaves characters like : / ? # & = unencoded because it is designed for full URLs: it would not properly encode a JSON object. encodeURIComponent encodes everything except A-Z a-z 0-9 - _ . ! ~ * ' ( ), making it safe for any query parameter value.

My API uses JSON in the URL path, not a query string: does encoding still apply?

Embedding JSON in a URL path segment (e.g. /api/search/{"query":"books"}) is strongly discouraged: forward slashes inside the JSON would break routing on most servers. If you control the API design, use a query string with an encoded JSON parameter or a request body. If you are consuming an existing API that does this, encode the JSON with encodeURIComponent and then additionally encode the forward slashes (%2F) if the server does not handle path decoding correctly.

JSON Tools › JSON URL Encode

JSON Input

URL-encoded Output

URL-encoded output will appear here.

Need more tools?

JSON URL Decode→JSON Formatter→JSON Minifier→JSON Validator→

JSON URL Encode Online

Encode a JSON object or array into a percent-encoded URL-safe string. Paste your JSON, click Encode, and paste the result directly into a query string: no escaping headaches, no broken URLs, no manual character replacement.

Why pasting raw JSON into a URL always breaks it

JSON uses characters that carry special meaning in URLs: { } delimit objects, " wraps strings, : separates keys and values, & splits query parameters, = assigns values. When you paste { "role":"admin" } into a browser address bar or API call, the parser interprets = as parameter assignment and & as the start of a new parameter: fragmenting your JSON into noise.

Percent-encoding converts every unsafe character into a % followed by its two-digit hex code. { becomes %7B, } becomes %7D, " becomes %22. The resulting string is opaque to URL parsers: they see one parameter value and decode it correctly when passing it to your application.

Concrete example

JSON: cannot be placed in a URL as-is

{"status":"active","roles":["admin","editor"],"limit":25}

Percent-encoded: safe in any query parameter

%7B%22status%22%3A%22active%22%2C%22roles%22%3A%5B%22admin%22%2C%22editor%22%5D%2C%22limit%22%3A25%7D

Full URL

/api/users?filter=%7B%22status%22%3A%22active%22...%7D

How to use

Paste your JSON object or array into the input. The tool validates JSON before encoding: if your JSON is malformed you will see a specific error.
Click Encode →.
Copy the percent-encoded output.
Use it in your query string: ?filter=encoded-value
To reverse the process: decode an encoded string back to JSON: use the JSON URL Decode tool.

Real-world developer scenarios

REST API filter parameters

APIs like Elasticsearch, Hasura, and many custom backends accept complex filter JSON in a query string. Encode before appending to avoid malformed requests.

Shareable dashboard links

Encode the current filter/sort state as JSON and put it in the URL so users can bookmark or share the exact view they are looking at.

Postman / curl test requests

When writing GET requests in curl or Postman with JSON query params, use the encoded form so the request is correct when replayed by teammates.

Pre-filling forms via URL

Some apps accept default form values in the URL. Encode the defaults as JSON and read them with decodeURIComponent on page load.

URL length limit: when to use a POST body instead

Percent-encoding expands each non-ASCII character to 3 bytes (%XX). A 300-byte JSON object may become 900+ characters after encoding, and most browsers and proxies handle URLs up to 2,048 characters safely. If your JSON is larger than about 400 bytes, consider switching to a POST request with the JSON in the request body (Content-Type: application/json): it is more reliable, has no size limit, and keeps sensitive data out of server logs and browser history.

Privacy

Encoding runs entirely in your browser using the native encodeURIComponent function. Your JSON is never sent to any server: not ours, not anyone else's. Check the Network tab in DevTools while encoding: no requests will appear. This matters especially if your JSON contains authentication tokens, user identifiers, or other sensitive values.

Frequently asked questions

Why does my JSON break the URL when I paste it directly?

JSON contains characters that are reserved in URL syntax: { } " : [ ] & = and space: which the browser and server interpret as URL structure, not data. Percent-encoding replaces every reserved character with its %XX hex escape, so the JSON survives URL parsing as a single opaque parameter value.

Should I use encodeURIComponent or encodeURI for JSON?

Always encodeURIComponent for JSON in a query parameter. encodeURI leaves characters like : and = unencoded because it is designed for full URLs. encodeURIComponent encodes everything except letters, digits, and -_.!~*'(): which is exactly what you need for a safe query value. This tool uses encodeURIComponent.

What is the URL length limit for encoded JSON?

Most browsers and servers safely handle URLs up to 2,048 characters. Percent-encoding expands each unsafe character to 3 characters. A 300-byte JSON object can expand to ~900 encoded characters. For JSON larger than ~400 bytes, use a POST request body instead.

Can I encode a JSON array (not just an object) in a URL?

Yes. Any valid JSON value: array, object, string, number: can be encoded. For example, ?ids=%5B1%2C2%2C3%5D decodes to [1,2,3]. Check that your server framework handles it correctly: Express and Django both have their own conventions for array parameters.

Does this encode the entire JSON or just the values?

The entire JSON string is encoded as a unit: keys, values, and all structural characters. This produces one single encoded string that your server can decode back to the original JSON with decodeURIComponent (or your framework's automatic decoding).

My JSON has a base64 image string: will that survive encoding?

Yes, but base64 strings contain + and = characters which are encoded to %2B and %3D. More importantly, a base64 image can be tens of kilobytes: far too large for a URL parameter. Store images separately and reference them by ID or URL instead.

Does percent-encoding hide or protect my JSON from being read?

No. Percent-encoding is not encryption: anyone can decode it instantly with decodeURIComponent. URLs appear in server access logs, browser history, Referer headers, and network monitoring tools. Do not put secrets, passwords, or private keys in URL parameters, encoded or otherwise.

The server is receiving my encoded JSON but it looks double-encoded: why?

Your framework is probably URL-decoding the query string automatically before your code receives it. If you then call decodeURIComponent again in your application, the first decoding step already happened. Check whether your framework's request.query or params object already gives you the decoded value. Most modern frameworks (Express, FastAPI, Rails) decode query parameters automatically.

Share this tool:𝕏 in