JS: Add test case with encodeURI for request forgery

Author: Napalys

javascript/ql/test/query-tests/Security/CWE-918/serverSide.js

@@ -141,4 +141,8 @@ var server2 = http.createServer(function(req, res) {
   axios.get(target.toString()); // $Alert[js/request-forgery]
   axios.get(target); // $Alert[js/request-forgery]
   axios.get(target.href); // $Alert[js/request-forgery]
+  const encodedUrl = encodeURI(input);
+  axios.get(encodedUrl); // $MISSING:Alert[js/request-forgery]
+  const escapedUrl = escape(input);
+  axios.get(escapedUrl); // $MISSING:Alert[js/request-forgery]
 });