Correctly handle invalid escapes in routes

based on 0a5ead31c9fbd7b153c521c7f9d3df7bf826ce6c

api/router.js

@@ -12,6 +12,14 @@ var censor = require("../util/censor")
 
 var sentinel = {}
 
+function decodeURIComponentSave(component) {
+	try {
+		return decodeURIComponent(component)
+	} catch(e) {
+		return component
+	}
+}
+
 module.exports = function($window, mountRedraw) {
 	var callAsync = $window == null
 		// In case Mithril's loaded globally without the DOM, let's not break
@@ -67,7 +75,7 @@ module.exports = function($window, mountRedraw) {
 		// since the representation is consistently a relatively poorly
 		// optimized cons string.
 		var path = prefix.concat()
-			.replace(/(?:%[a-f89][a-f0-9])+/gim, decodeURIComponent)
+			.replace(/(?:%[a-f89][a-f0-9])+/gim, decodeURIComponentSave)
 			.slice(route.prefix.length)
 		var data = parsePathname(path)
 

api/tests/test-router.js

@@ -145,6 +145,19 @@ o.spec("route", function() {
 					o(root.firstChild.nodeValue).equals('{"ö":"ö"} /ö?ö=ö')
 				})
 
+				o("resolves to route w/ matching invalid escape", function() {
+					$window.location.href = prefix + "/%C3%B6abc%def"
+					route(root, "/öabc%def", {
+						"/öabc%def" : {
+							view: lock(function() {
+								return route.get()
+							})
+						}
+					})
+
+					o(root.firstChild.nodeValue).equals("/öabc%def")
+				})
+
 				o("handles parameterized route", function() {
 					$window.location.href = prefix + "/test/x"
 					route(root, "/test/:a", {