Rouver

Bug Fixes

- Fix sub-routers with non-ASCII paths.

This release includes improvements against HTML injection attacks.

API-Incompatible Changes

- `rouver.html`: `http_status_page()`: The `message` argument will now
be HTML-escaped. Instead, an `html_message` argument was added.
`content` was renamed to `html_content`.

Bug Fixes

- `rouver.html`: Harden all functions against malicious input.
- `rouver.router`: Correctly HTML-escape error messages.

API-Incompatible Changes

- `rouver.response`: The following functions now only accept already
URL-encoded partial URLs:
- `created_at()`
- `created_as_json()`
- `temporary_redirect()`
- `see_other()`
Non-ASCII URLs with raise a `ValueError`.
- `rouver.handler`: See above.

Bug Fixes

- `rouver.response`: Partial URLs in `temporary_redirect()` etc. were
URL-encoded by accident.

API-Incompatible Changes

- `rouver.handler`: `RouteHandlerBase.respond`: `extra_headers` is now a
keyword-only argument.

API Additions

- `rouver.handler`: `RouteHandlerBase.respond`: Add `status` argument.

Bug Fixes

- `rouver.args`: `parse_args()` will now work for all methods, even if
no arguments are supplied.