Current SDK code does not check percent encoding correctly, it allows something like "%%-%g%1%a%y"
I.e. every letter after %, rather than % hexdigit hexdigit only.