URL Parser — Split a URL into Scheme, Host, Port, Path, Query & Fragment
Paste any URL and see every component named: protocol, hostname, port, path segments, query parameters as a table, and the fragment. Decoded and raw percent-encoded values sit side by side. Free, runs 100% in your browser on the native WHATWG URL parser.
| Protocol | https: | |
| Origin | https://www.toolk.site | |
| Hostname | www.toolk.site | |
| Port | 443default for https | |
| Pathname | /tools/url-parser | |
| Search | ?utm_source=newsletter&utm_medium=email&ref=top | |
| Hash | #features | |
| Full href | https://www.toolk.site/tools/url-parser?utm_source=newsletter&utm_medium=email&ref=top#features |
| # | Key | Value (decoded) | Raw value |
|---|---|---|---|
| 1 | utm_source | newsletter | newsletter |
| 2 | utm_medium | ||
| 3 | ref | top | top |
WHATWG URL Standard
Parser uses the same algorithm browsers use natively for every link and fetch — no homebrew regex, no edge-case bugs around IPv6, userinfo, or trailing slashes.
Query Parameters as Table
Search string split into key-value rows with both raw and decoded values shown. Spot double-encoding, repeated keys, and trailing whitespace at a glance.
Path Segments + Defaults
Path split into individual segments. Default ports (80 for HTTP, 443 for HTTPS, 21 for FTP) shown explicitly even when omitted from the URL string.
100% Client-Side
URLs often contain auth tokens, customer IDs, or internal hostnames. They never leave your browser. No fetch, no XHR.
URL Parser: break any URL into its components
A URL parser splits a URL string into its named parts — scheme, userinfo, host, port, path, query, and fragment — so you can read and debug it. Paste a URL and this tool shows every component, lists each query parameter as a table row, and prints decoded values beside the raw percent-encoded form. It uses the browser's native WHATWG URL parser, runs 100% in your browser, and is free with no upload.
How to parse a URL
- Paste a complete, absolute URL (it must start with a scheme such as
https://orpostgres://) into the input. - Read the component breakdown — protocol, hostname, port, path, search, and hash — each isolated on its own line.
- Scan the query parameters table: every key-value pair is a row, with the decoded value next to the raw percent-encoded string.
- Check the path segments chips to confirm REST resource parts like
/users/123/orderssplit correctly. - Use a sample URL (UTM link, GitHub API, Postgres URI, encoded path) to see how each component behaves, then copy any field or all params as JSON.
What is in a URL, and how does parsing work?
The generic syntax of a URL is defined by RFC 3986 as scheme://userinfo@host:port/path?query#fragment. Browsers parse with the WHATWG URL Standard, which refines RFC 3986 for the real web: it supports Unicode hosts via IDNA and, instead of rejecting an illegal character, percent-encodes it and continues. RFC 3986 has neither behavior — it has no IDNA and stops parsing on an invalid character. This tool calls the same native new URL() constructor browsers use for every navigation, fetch, and link, so a URL that parses here parses identically everywhere.
Query strings are read with URLSearchParams, the application/x-www-form-urlencoded parser. It walks the string after ?, splits on & then =, and exposes .get(key) for the first value and .getAll(key) for every value of a repeated key. Because it follows form-encoding rules, it decodes a + to a space — a subtlety covered in the examples below.
Worked examples: input → parsed
UTM marketing link
https://toolk.site/tools/url-parser?utm_source=newsletter&ref=top#features
protocol https:, hostname toolk.site, port 443 (default, shown explicitly), path /tools/url-parser, two params (utm_source=newsletter, ref=top), fragment #features.
Database connection URI (userinfo + explicit port)
postgres://user:p%40ssw0rd@db.example.com:5432/myapp_production?sslmode=require
username user, password masked, hostname db.example.com, port 5432, path /myapp_production. The password p%40ssw0rd decodes to p@ssw0rd — the @ had to be encoded as %40 so it wasn't mistaken for the userinfo separator.
Repeated query key
https://example.com/search?tag=red&tag=blue&tag=green
The table shows three separate rows, all keyed tag. In code, .get("tag")returns only "red" (the first), while .getAll("tag") returns ["red", "blue", "green"].
Edge case · + vs %20 in a query value
Given ?q=hello+world, the query-string parser (URLSearchParams) reads the value as hello world because form-encoding treats + as a space. But decodeURIComponent("hello+world") leaves the + intact — only %20 decodes to a space there. So the same value can look right in one view and wrong in another. To send a literal plus sign, encode it as %2B.
The seven URL components (RFC 3986 / WHATWG)
| Component | Example | Spec | Notes |
|---|---|---|---|
| scheme | https | URL Standard §3.1 | Protocol identifier. Common: http, https, ftp, mailto, ws, wss, file, data. |
| userinfo | user:password | URL Standard §3.2 | Authentication credentials (deprecated in URLs — use Authorization header instead). |
| host | www.example.com or 192.0.2.1 | URL Standard §3.3 | DNS hostname or IP address. IPv6 wrapped in square brackets. |
| port | 443 | URL Standard §3.4 | TCP port. Omitted when matching the default for the scheme. |
| path | /tools/url-parser | URL Standard §3.5 | Slash-separated hierarchical resource identifier. |
| query | utm_source=newsletter&ref=top | URL Standard §3.6 | After ? — typically key=value pairs joined by & (the application/x-www-form-urlencoded convention). |
| fragment | #features | URL Standard §3.7 | Client-side anchor. NEVER sent to the server in HTTP requests. |
The WHATWG URL Standard supersedes RFC 3986 for web URLs — browsers diverged from 3986 in incompatible ways years ago, and the WHATWG spec codified what actually works.
When a URL parser is the right tool
Debug analytics tags
Inspect UTM parameters in marketing links — utm_source, utm_medium, utm_campaign, utm_content, utm_term.
Validate redirects
Parse redirect chain URLs to verify the destination, query preservation, and any query-parameter injection.
Debug Open Graph URLs
Check what URL a Facebook / Twitter / LinkedIn scraper actually fetches when previewing a link.
Audit query injection
Spot accidentally-double-encoded values or trailing whitespace before they cause API errors.
Extract path parameters
Split /users/123/orders/456 into resource segments for REST API testing.
Manipulate search params
Add, remove, or change query parameters and rebuild the canonical URL.
The default-port and empty-segment behavior most parsers hide
The native URL object returns an empty string for .port when the port matches the scheme default, so a plain https://example.com reports no port at all. This tool fills that gap from a built-in map — http → 80, https → 443, ws → 80, wss → 443, ftp → 21 — and shows the implicit port explicitly, so you always know which port a request actually targets.
Two more real behaviors worth knowing. First, path segments are produced with pathname.split('/').filter(Boolean), so empty segments are dropped — /a//b/ yields just a and b, not five entries. Second, the decoded-value display uses decodeURIComponent wrapped so a malformed escape (a lone % or %zz) does not throw; it falls back to showing the raw string unchanged. That is exactly the signal of a double-encoding bug: if the "decoded" value still contains % sequences, something upstream encoded twice.
Runs 100% in your browser
Your URL never leaves your device. Parsing happens locally in JavaScript via the native URLconstructor — no fetch, no XHR, no uploads. That matters because URLs routinely carry Bearer tokens, pre-signed S3 links, OAuth callbacks, API keys, and internal hostnames. I tested all four bundled samples plus malformed inputs (bare /path, a lone %, double-encoded %2520, and repeated keys) to confirm the parser fails gracefully and the password field stays masked.
Frequently asked questions
Is the URL parser free and private?
Yes — 100% free with no signup or ads, and every URL is parsed in your browser. Nothing is sent to a server, so tokens and internal hostnames stay on your device.
Why does my URL fail to parse?
The WHATWG constructor needs an absolute URL with a scheme. A bare /path?query throws "Invalid URL" — prefix it with an origin like https://example.com to parse it.
How do I get all values of a repeated query key?
Each occurrence is a separate table row. In code, searchParams.getAll("tag") returns every value as an array, while .get("tag") returns only the first.
Does a + in the query mean a space?
Under URLSearchParams (form-encoding) yes, + decodes to a space. Under decodeURIComponent it does not — only %20 does. Encode a literal plus as %2B.
Related encoder & crypto tools
Percent-encode or decode individual values
JSON FormatterInspect API response bodies after a request
JWT DecoderDecode tokens that appear in callback URLs
Base64 EncoderEncode data carried in query strings
Base64 DecoderDecode Base64 tokens and payloads
HMAC GeneratorSign URLs and verify webhook signatures
Hash GeneratorSHA-256 / MD5 checksums for URL params
Image to Base64Inline images as data URIs in a URL
Base64 to ImagePreview a data-URI image from a URL
Guide: JWT Structure ExplainedHow tokens in callback URLs are built
All Developer ToolsBrowse the full Toolk tool hub
Last updated: June 2, 2026 · Runs 100% in your browser — no uploads, nothing leaves your device.
Need a different tool?
Browse all 89 free, in-browser tools — or tell us what we should build next.