application/x-www-form-urlencoded — HTML Forms & API Requests
The default encoding for HTML form submissions. Field names and values are encoded as key=value pairs separated by & characters, with special characters percent-encoded. Suitable for simple text forms but not file uploads.
Used For
- HTML form submissions
- OAuth 2.0 token requests
- Simple login forms
- URL-safe parameter encoding
HTTP Header Example
POST /login HTTP/1.1
Content-Type: application/x-www-form-urlencoded
username=alice&password=secret%21&remember=trueCode Examples
// HTML form — sends application/x-www-form-urlencoded by default
<form method="POST" action="/login">
<input name="username" />
<input name="password" type="password" />
<button type="submit">Log in</button>
</form>
// Fetch API — send form-encoded data
const params = new URLSearchParams({ username: 'alice', password: 'secret!' })
await fetch('/login', {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
body: params.toString(),
})
// Express — parse form body
import express from 'express'
app.use(express.urlencoded({ extended: true }))
app.post('/login', (req, res) => {
const { username, password } = req.body
})Related MIME Types
Frequently Asked Questions
What is the application/x-www-form-urlencoded MIME type?
The default encoding for HTML form submissions. Field names and values are encoded as key=value pairs separated by & characters, with special characters percent-encoded. Suitable for simple text forms but not file uploads.
When should I set Content-Type: application/x-www-form-urlencoded?
Set Content-Type: application/x-www-form-urlencoded on HTTP responses that contain URL-encoded Form Data data. HTML form submissions.
What file extensions use application/x-www-form-urlencoded?
application/x-www-form-urlencoded is a format type rather than a file extension — it's identified by its content structure.
What happens if I serve this with the wrong Content-Type?
Browsers use the Content-Type header to decide how to handle the response. Serving application/x-www-form-urlencoded content with an incorrect MIME type can cause browsers to display it incorrectly, refuse to execute it (scripts), or prompt an unintended download. Modern browsers respect X-Content-Type-Options: nosniff and will not attempt to auto-detect the type.
