The current spec is incorrect on this point, as (at least) ";" can appear in
origin URLs, and hence SWHID origin qualifiers, breaking SWHID parsing. This is
a minimal proposal that only requires to URL-escape the "%" and ";" characters,
as we do for paths.
... but to be honest the more I look into this the more it worries me. It would
be much better to fully percent-escape origin URLs, but that has the drawback
of making SWHID much less nicer to read.
I hope only escaping these two characters is enough, but I'm not entirely sure
it is...