URL Encoding

URL encoding is the process of converting strings into valid URL format that can be transmitted over the Internet. URLs can only be sent over the Internet using ASCII based character sets. Since URLs often contain characters outside the ASCII set, the URL has to be converted into a valid ASCII format.

URL encoding is normally performed to convert data passed via html forms, because such data may contain special character, such as "/", ".", "#", and so on, which could either: a) have special meanings; or b) is not a valid character for an URL; or c) could be altered during transfer. For instance, the "#" character needs to be encoded because it has a special meaning of that of an html anchor. The character also needs to be encoded because is not allowed on a valid URL format. Also, some characters, such as "~" might not transport properly across the internet.

Encoding techniques can be use to avoid pattern detection when performing web application testing, especially SQL injections. Encoding has the effect of completely changing the text much in the same way cryptography changes the text it is meant to hide from unintended viewers.