Intermediate
URLs show up everywhere in Python code — web scrapers pull them from HTML, APIs return them in JSON payloads, oLI tools accept them as arguments, and configuration files store them as connection strings. Treating a URL as a plain string works until it doesn’t: the query string has unescaped spaces, the path contains special characters, or you need to swap the hostname without breaking the rest of the URL. Parsing URLs properly — splitting them into scheme, host, path, and query parameters — is a fundamental skill for anyone working with the web in Python.
Python’s standard library includes urllib.parse, a complete URL parsing toolkit that requires no installation. It handles splitting, joining, encoding, decoding, and modifying URLs according to RFC 3986. For availability beyond “does it parse?” you can combine it with a regex or the third-party validators library. Everything in this tutorial runs on Python 3.x with zero dependencies.
In this tutorial, you’ll learn how to parse URLs into components with urlparse(), extract and modify query parameters with parse_qs() and urlencode(), encode special characters with quote() and quote_plus(), build URLs safely with urljoin(), and validate URLs before sending them to external services. By the end, you’ll have a reusable URL utility class you can drop into any project.
Parsing URLs in Python: Quick Example
Here’s thhe core pattern — parse a URL and access its individual components:
# url_quick.py
from urllib.parse import urlparse, parse_qs, urlencode, urljoin
url = "https://jsonplaceholder.typicode.com/posts?userId=1&_limit=5"
# Parse into components
parsed = urlparse(url)
print("Scheme: ", parsed.scheme)
print("Host: ", parsed.netloc)
print("Path: ", parsed.path)
print("Query: ", parsed.query)
# Parse query string into a dict
params = parse_qs(parsed.query)
print("Params: ", params)
# Modify a param and rebuild
params["_limit"] = ["10"]
new_query = urlencode(params, doseq=True)
new_url = parsed._replace(query=new_query).geturl()
print("New URL: ", new_url)
Output:
Scheme: https
Host: jsonplaceholder.typicode.com
Path: /posts
Query: userId=1&_limit=5
Params: {'userId': ['1'], '_limit': ['5']}
New URL: https://jsonplaceholder.typicode.com/posts?userId=%5B%2710%27%5D&_limit=%5B%275%27%5D
urlparse() returns a ParseResult named tuple with six fields: scheme, netloc, path, params, query, and fragment. The _replace() method (standard on named tuples) creates a modified copy without mutating the original. parse_qs() returns a dict where each value is a list, because HTTP allows multiple values per key — always expect lists, not strings, from parse_qs().
The sections below go deeper into each operation, including proper encoding, URL building, and validation patterns.
What Is urllib.parse?
A URL has a defined structure specified in RFC 3986. The full format is:
scheme://netloc/path;params?query#fragment
| | | | | |
https host:port /search q=py #topurllib.parse implements the RFC correctly, handling edge cases like IPv6 hosts, missing schemes, URL-encoded characters, and relative URLs. It’s the right tool for all URL manipulation; treating a URL as a string and slicing it manually will break on any non-trivial input.
| Function | What It Does | When To Use It |
|---|---|---|
urlparse() | Splits URL into 6 components | Reading/inspecting a URL |
urlunparse() | Joins 6 components into a URL | Rebuilding after modification |
parse_qs() | Query string to dict of lists | Reading query parameters |
parse_qsl() | Query string to list of tuples | Order-preserving param parsing |
urlencode() | Dict or list to query string | Building query strings |
quote() | Percent-encode a string | Encoding path segments |
quote_plus() | Percent-encode, spaces as + | Encoding form data |
unquote() | Decode percent-encoded string | Decoding URL components |
urljoin() | Resolve relative URL against base | Building absolute URLs from relative ones |
Parsing URL Components
Let’s examine urlparse() in detail. The function handles URLs with missing components gracefully — missing parts return empty strings, not exceptions. This makes it safe to use on untrusted or incomplete URLs without wrapping every call in a try/except.
# url_parse_components.py
from urllib.parse import urlparse
urls = [
"https://api.github.com/repos/python/cpython/issues?state=open&per_page=5",
"//cdn.example.org/assets/style.css", # protocol-relative URL
"/relative/path?foo=bar", # relative URL
"ftp://files.server.com:21/pub/data", # FTP with port
"mailto:user@example.com", # non-HTTP scheme
]
for url in urls:
p = urlparse(url)
print(f"URL: {url[:50]}")
print(f" scheme={p.scheme!r}, netloc={p.netloc!r}, path={p.path!r}")
print(f" query={p.query!r}, fragment={p.fragment!r}")
print(f" hostname={p.hostname!r}, port={p.port!r}")
print()
Output:
URL: https://api.github.com/repos/python/cpython/issues
scheme='https', netloc='api.github.com', path='/repos/python/cpython/issues'
query='state=open&per_page=5', fragment=''
hostname='api.github.com', port=None
URL: //cdn.example.org/assets/style.css
scheme='', netloc='cdn.example.org', path='/assets/style.css'
query='', fragment=''
hostname='cdn.example.org', port=None
URL: /relative/path?foo=bar
scheme='', netloc='', path='/relative/path'
query='foo=bar', fragment=''
hostname=None, port=None
URL: ftp://files.server.com:21/pub/data
scheme='ftp', netloc='files.server.com:21', path='/pub/data'
query='', fragment=''
hostname='files.server.com', port=21
URL: mailto:user@example.com
scheme='mailto', netloc='', path='user@example.com'
query='', fragment=''
hostname=None, port=None
Note that parsed.hostname is always lowercase and strips the port, while parsed.netloc preserves the original case and includes the port. Use parsed.hostname for comparison and parsed.netloc for rebuilding. Protocol-relative URLs (//cdn...) have an empty scheme — check for this when validating that a URL is fully qualified.
Working with Query Parameters
Query strings are where URL handling gets messy. Multiple values for the same key, URL-encoded characters, plus signs vs. %20 for spaces — parse_qs() and urlencode() handle all of this correctly.
# url_query_params.py
from urllib.parse import parse_qs, parse_qsl, urlencode, urlparse, urlunparse
raw_query = "tags=python&tags=web&tags=beginner&q=url+parsing&page=2"
# parse_qs: values are always lists
params = parse_qs(raw_query)
print("parse_qs:", params)
# parse_qsl: order-preserving list of tuples
params_list = parse_qsl(raw_query)
print("parse_qsl:", params_list)
# Build a new query string
new_params = {"q": "urllib.parse tutorial", "lang": "en", "page": 1}
query_string = urlencode(new_params)
print("urlencode:", query_string)
# Multi-value params need doseq=True
multi = {"tags": ["python", "web", "tutorial"], "page": 1}
print("multi:", urlencode(multi, doseq=True))
# Modify one param in an existing URL
url = "https://jsonplaceholder.typicode.com/posts?userId=1&_limit=5"
parsed = urlparse(url)
params = dict(parse_qsl(parsed.query))
params["_limit"] = "20" # change the limit
params["_sort"] = "title" # add a new param
new_query = urlencode(params)
modified_url = urlunparse(parsed._replace(query=new_query))
print("Modified:", modified_url)
Output:
parse_qs: {'tags': ['python', 'web', 'beginner'], 'q': ['url parsing'], 'page': ['2']}
parse_qsl: [('tags', 'python'), ('tags', 'web'), ('tags', 'beginner'), ('q', 'url parsing'), ('page', '2')]
urlencode: q=urllib.parse+tutorial&lang=en&page=1
multi: tags=python&tags=web&tags=tutorial&page=1
Modified: https://jsonplaceholder.typicode.com/posts?userId=1&_limit=20&_sort=title
Two important details: parse_qs() silently decodes + as a space (form-encoded convention), so q=url+parsing becomes {'q': ['url parsing']}. And urlencode() by default encodes spaces as + (safe for query strings); use quote(string, safe='') if you need percent-encoding instead. The doseq=True flag in urlencode() is required when values are lists — without it, you’d get tags=%5B%27python%27... (a stringified Python list, which is wrong).
URL Encoding and Decoding
URL encoding (percent-encoding) converts characters that aren’t safe in URLs into their %XX hex equivalents. Python provides quote() for path segments, quote_plus() for query values (spaces become +), and unquote()/unquote_plus() to reverse the process.
# url_encoding.py
from urllib.parse import quote, quote_plus, unquote, unquote_plus
# Encoding path segments (/ should stay, spaces become %20)
path = "/search/Python web scraping"
encoded_path = quote(path)
print("quote:", encoded_path)
# Encoding query values (spaces become +, / becomes %2F)
search_term = "Python web scraping & parsing"
encoded_query = quote_plus(search_term)
print("quote_plus:", encoded_query)
# Decoding
print("unquote:", unquote("/search/Python%20web%20scraping"))
print("unquote_plus:", unquote_plus("Python+web+scraping+%26+parsing"))
# The 'safe' parameter: characters to NOT encode
# By default, quote() treats '/' as safe
print("safe=/:", quote("/api/v2/search?q=hello world"))
print("safe='':", quote("/api/v2/search?q=hello world", safe=""))
# Build a complete URL with encoded components
base = "https://httpbin.org"
path_segment = quote("/get", safe="")
query = quote_plus("Hello World & more")
full_url = f"{base}{path_segment}?data={query}"
print("Full URL:", full_url)
Output:
quote: /search/Python%20web%20scraping
quote_plus: Python+web+scraping+%26+parsing
unquote: /search/Python web scraping
unquote_plus: Python web scraping & parsing
safe=/: /api/v2/search%3Fq%3Dhello%20world
safe='': %2Fapi%2Fv2%2Fsearch%3Fq%3Dhello%20world
Full URL: https://httpbin.org%2Fget?data=Hello+World+%26+more
The safe parameter is the key to correct encoding. quote() defaults to treating / as safe (not encoded), which is correct for path components. For query values, use quote_plus() which encodes everything including / and converts spaces to +. Never double-encode — calling quote() on an already-encoded string produces %2520 (the % itself gets encoded). Always start from the raw, unencoded value.
Joining and Resolving URLs
When scraping web pages, you’ll often find relative URLs in href attributes like /about or ../images/logo.png. urljoin() resolves these against a base URL, implementing the same logic browsers use.
# url_join.py
from urllib.parse import urljoin
base = "https://quotes.toscrape.com/page/2/"
# These are typical hrefs found in scraped pages
hrefs = [
"/author/Albert-Einstein", # absolute path
"page/3/", # relative path
"../tags/", # parent-relative path
"//cdn.server.com/logo.png", # protocol-relative
"https://other.com/page", # already absolute -- returned as-is
]
for href in hrefs:
resolved = urljoin(base, href)
print(f" {href!r:40s} -> {resolved}")
Output:
'/author/Albert-Einstein' -> https://quotes.toscrape.com/author/Albert-Einstein
'page/3/' -> https://quotes.toscrape.com/page/3/
'../tags/' -> https://quotes.toscrape.com/tags/
'//cdn.server.com/logo.png' -> https://cdn.server.com/logo.png
'https://other.com/page' -> https://other.com/page
urljoin() follows RFC 3986 resolution rules. An absolute path (/author/...) discards the base URL’s path entirely. A relative path (page/3/) is resolved relative to the last / in the base path. A protocol-relative URL (//cdn...) inherits the scheme from the base. An already-absolute URL is returned unchanged. This makes urljoin() safe to call on any href you extract from a web page, regardless of its form.
Real-Life Example: URL Validator and Normalizer
This utility class validates URLs for a web scraper pipeline — checks that they have an expected scheme, strips tracking parameters, and normalizes them to a canonical form.
# url_normalizer.py
from urllib.parse import urlparse, parse_qsl, urlencode, urlunparse
# Common tracking parameters to strip from URLs
TRACKING_PARAMS = {
"utm_source", "utm_medium", "utm_campaign", "utm_term", "utm_content",
"fbclid", "gclid", "msclkid", "ref", "_ga", "mc_eid",
}
ALLOWED_SCHEMES = {"http", "https"}
def validate_url(url):
"""Return (is_valid, error_message) for a URL."""
if not url or not isinstance(url, str):
return False, "URL must be a non-empty string"
url = url.strip()
try:
parsed = urlparse(url)
except Exception as exc:
return False, f"Parse error: {exc}"
if not parsed.scheme:
return False, "Missing scheme (http/https)"
if parsed.scheme not in ALLOWED_SCHEMES:
return False, f"Unsupported scheme: {parsed.scheme!r}"
if not parsed.netloc:
return False, "Missing host"
if "." not in parsed.netloc.lstrip("."):
return False, f"Host looks invalid: {parsed.netloc!r}"
return True, None
def normalize_url(url):
"""
Normalize a URL:
- Lowercase scheme and host
- Strip tracking parameters
- Remove default ports (80 for http, 443 for https)
- Remove trailing slash from root path only
"""
parsed = urlparse(url.strip())
scheme = parsed.scheme.lower()
netloc = parsed.netloc.lower()
# Strip default ports
if netloc.endswith(":80") and scheme == "http":
netloc = netloc[:-3]
elif netloc.endswith(":443") and scheme == "https":
netloc = netloc[:-4]
# Strip tracking params, preserve order
clean_params = [
(k, v) for k, v in parse_qsl(parsed.query)
if k.lower() not in TRACKING_PARAMS
]
clean_query = urlencode(clean_params)
return urlunparse((scheme, netloc, parsed.path, parsed.params, clean_query, ""))
# Test the utilities
test_urls = [
"https://jsonplaceholder.typicode.com/posts?userId=1&utm_source=newsletter&utm_campaign=weekly",
"HTTPS://HTTPBin.Org:443/get?data=hello&fbclid=ABC123",
"http://quotes.toscrape.com/page/1/?ref=homepage&page=1",
"ftp://files.example.com/data",
"not-a-url",
"",
]
for url in test_urls:
valid, err = validate_url(url)
if valid:
normalized = normalize_url(url)
print(f"OK -> {normalized}")
else:
print(f"ERR -> {err}")
Output:
OK -> https://jsonplaceholder.typicode.com/posts?userId=1
OK -> https://httpbin.org/get?data=hello
OK -> http://quotes.toscrape.com/page/1/?page=1
ERR -> Unsupported scheme: 'ftp'
ERR -> Missing scheme (http/https)
ERR -> URL must be a non-empty string
The normalizer removes utm_source, utm_campaign, and fbclid while preserving legitimate parameters like userId and page. It also lowercases the scheme and host, and strips redundant ports. This canonical form means duplicate URLs with different tracking parameters or case differences get treated as the same URL — essential for deduplication in scrapers and crawlers.
Frequently Asked Questions
Should I use urllib.parse or the requests library for URL handling?
urllib.parse is for parsing and building URL strings — it doesn’t make HTTP requests. The requests library is for making HTTP requests — it uses urllib.parse internally when you pass params= to a request. The two tools are complementary: use urllib.parse to construct, decode, and validate URLs, and use requests (or httpx) to actually fetch them. You’ll often use both in the same script.
When should I use parse_qs vs parse_qsl?
parse_qs() returns a dict of lists — good for random access by key. parse_qsl() returns an ordered list of tuples — good when order matters or when you need to process duplicate keys in sequence. If you’re building a URL canonicalizer (like the normalizer above), use parse_qsl() so you preserve insertion order and can filter in a single pass. If you just need to look up a specific parameter value, parse_qs()["key"][0] is more readable.
How do I properly validate a URL in Python?
urlparse() is very lenient — it successfully parses nearly anything, including strings that aren’t URLs at all. For basic validation, check that parsed.scheme and parsed.netloc are non-empty after parsing. For stricter validation (checking domain format, TLD, reachability), consider the validators library (pip install validators) which provides validators.url(url). Never use urlparse() alone as a security gate — it won’t catch all invalid or malicious URLs.
Why does urljoin() sometimes ignore my base URL?
If the second argument to urljoin() is an absolute URL (has a scheme and host), the base is ignored entirely — the absolute URL is returned as-is. This is RFC 3986 behavior. The fix is to check whether your href is absolute before calling urljoin(), or always pass the current page URL as the base and let urljoin() do the right thing. For scraping, always use the URL of the page you scraped as the base, not the site root — relative paths resolve from the current directory, not the root.
How do I avoid double-encoding URLs?
Always start from the raw, decoded value before encoding. If a URL is already encoded (contains %20 or similar), call unquote() first, then re-encode with quote(). A quick check: if your string contains a literal % followed by two hex digits, it’s already encoded. Double-encoding produces %2520 (the % becomes %25), which browsers and servers won’t interpret as a space. When in doubt, decode first with unquote() then encode with quote().
Conclusion
Python’s urllib.parse module gives you everything you need to work with URLs correctly: urlparse() to split URLs into components, parse_qs()/parse_qsl() to decode query strings, urlencode() to build them back, quote()/quote_plus() for safe encoding, and urljoin() to resolve relative URLs against a base. The URL normalizer above is a production-ready starting point — extend it with domain allowlists, path normalization, or integration with your scraper’s deduplication layer.
For HTTP requests themselves, pair urllib.parse with the requests or httpx library. For stricter URL validation including TLD checking and reachability tests, add the validators package. The urllib.parse module handles the structural and encoding layer; the rest of the stack builds on top of it.
Official documentation: https://docs.python.org/3/library/urllib.parse.html