Always match routes against percent-encoded paths.

[tigerwill90]

Route matching previously relied on url.URL.RawPath for the request path, falling back to url.URL.Path when RawPath was empty. The problem is that Go only populates RawPath for certain encoded characters like %2F. A path like /café gets decoded into url.URL.Path as /café with RawPath left empty. This meant matching behavior was inconsistent depending on which characters happened to be encoded in the request.

This switches to url.URL.EscapedPath(), which always returns the closest representation to the raw request line. Matching now consistently operates on percent-encoded paths regardless of what characters are encoded. Hex digits in percent-encoding are normalized to uppercase (%c3%a9 → %C3%A9) to ensure equivalent encodings match the same route.

All routing entry points (ServeHTTP, Match, Lookup, and Sub) now use a shared routingPath() helper instead of calling c.Path() directly. This function calls EscapedPath() and normalizes any lowercase hex digits to uppercase when RawPath is set:

func routingPath(r *http.Request) string {
    if r.URL.RawPath == "" {
        return r.URL.EscapedPath()
    }
    return stringsutil.NormalizeHexUppercase(r.URL.EscapedPath())
}

When RawPath is empty, EscapedPath() already produces uppercase hex, so normalization is skipped.

[codecov]

Codecov Report

❌ Patch coverage is 95.34884% with 2 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
txn.go	0.00%	2 Missing ⚠️

📢 Thoughts on this report? Let us know!