According to RFC 3986, URLs are considered equal even if they differ in the case of the hexadecimal digits of percent-encoded characters, eg. %FF == %ff. URL normalizers should always use uppercase characters, which is why urllib3 correctly transforms those lowercase digits to uppercase ones.

This is a problem though for sites which compare the request URL (or parts of it) byte for byte and return different responses depending on that. See #4002 (comment)

This PR therefore adds overrides for urllib3 which make it not transform hexadecimal digits of percent-encoded characters to uppercase. Since URLs are still considered equal, this shouldn't break anything and fix the problem mentioned above. If the original behavior is required, then request URLs can still be transformed manually. HTTP redirections could be a problem, but the risk is rather low.

Streamlink currently requires urllib3>=1.21.1,<1.27, as defined by requests>=2.26.0 here:
https://github.com/psf/requests/blob/v2.26.0/setup.py#L48

There are two different overrides for urllib3>=1.25.8 and urllib3>=1.25.4,<1.25.8, as noted in the code comments, because urllib3==1.25.8 had a minor revision of the string substitution. Versions of urllib3 prior to 1.25.4 unfortunately are using external libs for modifying the percent-encoding stuff and I'm not sure if the problem can be fixed there.

The added tests are working fine in both version ranges when the overrides are applied and will only fail in the lowercase test fixture when no override is applied, which is expected.

Should I add a test runner for urllib3==1.25.4 so that it can test both version ranges?