fix(ssr): Improve URL sanitization and routing in serve.js for SSR

fix(ssr): Improve URL sanitization and routing in serve.js for SSR

- Enhance `sanitizeUrl` function to comprehensively handle nested encodings, control characters, query parameters, hash fragments, and path traversal.
- Add iterative decoding in `sanitizeUrl` to support URLs with multiple encoding layers.
- Normalize URLs by stripping extraneous characters, collapsing redundant slashes, ensuring a leading slash, and conditionally removing trailing slashes.
- Implement `createMatchPathMiddleware` with modularized helpers:
  - `sanitizeUrl`: Cleans and normalizes URL paths.
  - `findMatchPath`: Safely finds a matching path with error handling.
  - `logMatch`: Logs match details if logging is enabled.
  - `handleError`: Centralized error handler for consistent logging and responses.
- Add caching for URL matches to improve performance.
- Add informative logs for matched paths, request durations, and errors.
- Ensure compatibility with various URL structures and improve security against path traversal vulnerabilities.
- Improve maintainability by breaking down the code into modular, reusable functions.

This commit addresses [Issue gatsbyjs#39010](gatsbyjs#39010) and enhances SSR handling for encoded URLs, improving both performance and robustness in the `serve.js` middleware.