Depending on what technology you’re using, there is usually a built-in function that will handle this for you.

ASP.NET (VB) & Classic ASP

myUrl = Server.UrlEncode(myUrl) 

ASP.NET (C#)

myUrl = Server.UrlEncode(myUrl); 

PHP

$myUrl = urlencode($myurl); 

If you simply would like to remove unsafe characters, you would need a regular expression. RFC 1738 defines what characters are unsafe for URLs:

Unsafe:

Characters can be unsafe for a number of reasons. The space
character is unsafe because significant spaces may disappear and
insignificant spaces may be introduced when URLs are transcribed or
typeset or subjected to the treatment of word-processing programs. The characters ‘<‘ and ‘>’ are unsafe because they are used as the
delimiters around URLs in free text; the quote mark (”’) is used to
delimit URLs in some systems. The character ‘#’ is unsafe and should
always be encoded because it is used in World Wide Web and in other
systems to delimit a URL from a fragment/anchor identifier that might follow it. The character ‘%’ is unsafe because it is used for
encodings of other characters. Other characters are unsafe because
gateways and other transport agents are known to sometimes modify such characters. These characters are ‘{‘, ‘}’, ‘|’, ‘\’, ‘^’, ‘~’, ‘[‘, ‘]’, and ‘`’.