Normalize request path

Co-authored-by: Romain <rtribotte@users.noreply.github.com>

docs/content/migration/v2.md

@@ -674,3 +674,32 @@ it can lead to unsafe routing when the `sanitizePath` option is set to `false`.
 
     Setting the `sanitizePath` option to `false` is not safe.
     Ensure every request is properly url encoded instead.
+
+## v2.11.25
+
+### Request Path Normalization
+
+Since `v2.11.25`, the request path is now normalized by decoding unreserved characters in the request path,
+and also uppercasing the percent-encoded characters.
+This follows [RFC 3986 percent-encoding normalization](https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.2.2),
+and [RFC 3986 case normalization](https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.2.1).
+
+The normalization happens before the request path is sanitized,
+and cannot be disabled.
+This notably helps with encoded dots characters (which are unreserved characters) to be sanitized properly.
+
+### Routing Path
+
+Since `v2.11.25`, the reserved characters [(as per RFC 3986)](https://datatracker.ietf.org/doc/html/rfc3986#section-2.2) are kept encoded in the request path when matching the router rules.
+Those characters, when decoded, change the meaning of the request path for routing purposes,
+and Traefik now keeps them encoded to avoid any ambiguity.
+
+### Request Path Matching Examples
+
+| Request Path      | Router Rule            | Traefik v2.11.24 | Traefik v2.11.25 |
+|-------------------|------------------------|------------------|------------------|
+| `/foo%2Fbar`      | PathPrefix(`/foo/bar`) | Match            | No match         |
+| `/foo/../bar`     | PathPrefix(`/foo`)     | No match         | No match         |
+| `/foo/../bar`     | PathPrefix(`/bar`)     | Match            | Match            |
+| `/foo/%2E%2E/bar` | PathPrefix(`/foo`)     | Match            | No match         |
+| `/foo/%2E%2E/bar` | PathPrefix(`/bar`)     | No match         | Match            |