fix(server): escape regex special chars in resource template literals

[Bartok9]

Summary

• ResourceTemplate.matches() now treats regex-special characters in the literal parts of a URI template (., ?, +, etc.) as literals instead of regex metacharacters.
• Fixes false positives where a template like data://.well-known/{name} matched URIs it should not.

Motivation

Closes #2961.

matches() converted the URI template to a regex with plain string replacement:

pattern = self.uri_template.replace("{", "(?P<").replace("}", ">[^/]+)")

This left regex-special characters in the literal portions unescaped, so they acted as metacharacters and produced incorrect matches:

Template	False match
data://.well-known/{name}	data://Xwell-known/hello (. = any char)
data://items/{id}.json	data://items/123Xjson (. = any char)

Fix

Escape the whole template with re.escape() first, then substitute the escaped {param} markers with named capture groups:

_PARAM_PATTERN = re.compile(r"\\\{([^}]+?)\\\}")
...
pattern = _PARAM_PATTERN.sub(lambda m: f"(?P<{m.group(1)}>[^/]+)", re.escape(self.uri_template))

Literal characters are now matched literally; parameters still capture [^/]+ as before.

Verification

• uv run pytest tests/server/mcpserver/resources/test_resource_template.py — 16 passed
• uv run ruff check / ruff format --check — clean

Real behavior proof

Regression test test_template_matches_escapes_regex_special_chars reproduces the issue cases. It fails without the source fix and passes with it:

# Without the source fix (test present):
TestResourceTemplate::test_template_matches_escapes_regex_special_chars  53 / 71  AssertionError
Results: 1 failed

# With the fix:
Results: 16 passed

[Kludex]

You've opened a duplicated pull request, please search opened PRs before creating new ones. Duplicated from #2749.