fix: parse data uris according to rfc 2397 #7295

Closed
mhassan1 wants to merge 1 commit into axios:v1.x from mhassan1:data-uri-rfc-2397

mhassan1 commented Dec 5, 2025

Contributor

This PR replaces the non-compliant DATA_URL_PATTERN regular expression in fromDataURI with the data-uri-to-buffer library, which is compliant with RFC 2397.

Before this change, the following valid Data URIs resulted in Invalid URL:

  • data:;base64,MTIz
  • data:application/octet-stream,123
  • data:text/plain;charset=US-ASCII,123

It uses data-uri-to-buffer@3, which supports Node.js 6+.

mhassan1 force-pushed the data-uri-rfc-2397 branch 3 times, most recently from 5b8e04c to 0aac668, December 5, 2025 19:14
mhassan1 changed the title from "feat: parse data uris according to rfc 2397" to "fix: parse data uris according to rfc 2397", Dec 5, 2025

@jasonsaayman

Member

Thanks for this, and apologies for the slow review.

The bug is real. I traced each of the three failing cases against the current regex and they all genuinely throw Invalid URL, so the motivation here holds. Your test matrix is also the most useful part of this patch: base64 and non-base64 doubled out, missing media type, charset parameter, URL-encoded body, the error paths. We'll keep all of that.

Where I'd like to land differently is the dependency. data-uri-to-buffer@3 is the last version that works for our supported Node range (v6+ is ESM-only and bumps engines.node to >=14), and v3 is effectively unmaintained at this point. axios is cautious about runtime deps for supply-chain reasons, and a regex fix isn't quite enough to justify pinning a stale package into the tree. RFC 2397's grammar fits in a single regex, so we'd rather do this inline.

I've opened #10808 to track the maintainer-led version with a compliant pattern and your test cases ported over to the vitest suite. Closing this one in favour of that. Genuinely appreciate the failing cases and the test work, both of which made the issue easy to write up.
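
The following is an added example, not part of this thread: it is neither axios code nor the pattern from #10808. It sketches a dependency-free RFC 2397 parser for Node.js that accepts the three data URIs listed in the PR description and rejects malformed input. The names `parseDataURI`, `percentDecode`, `TOKEN` and `HEADER` are hypothetical, and the strict base64 check is this example's own choice.

```javascript
// Added example with hypothetical names; not axios code and not the pattern from #10808.
// RFC 2397: dataurl := "data:" [ mediatype ] [ ";base64" ] "," data
const TOKEN = "[!#$%&'*+.^_`{|}~0-9A-Za-z-]+"; // RFC 2045 token characters
const HEADER = new RegExp(
  '^(' + TOKEN + '/' + TOKEN + ')?((?:;' + TOKEN + '=' + TOKEN + ')*)(;base64)?$', 'i');

function invalid() {
  return new TypeError('Invalid URL');
}

// Percent-decode to raw bytes; decodeURIComponent would throw on non-UTF-8 escapes such as %FF.
function percentDecode(text) {
  // Reject characters outside printable ASCII and incomplete % escapes.
  if (/[^\x21-\x7e]/.test(text) || /%(?![0-9A-Fa-f]{2})/.test(text)) throw invalid();
  const raw = text.replace(/%([0-9A-Fa-f]{2})/g,
    (_, hex) => String.fromCharCode(parseInt(hex, 16)));
  return Buffer.from(raw, 'latin1');
}

function parseDataURI(uri) {
  const comma = typeof uri === 'string' ? uri.indexOf(',') : -1;
  if (comma === -1 || !/^data:/i.test(uri)) throw invalid();
  // Assumption: the header ends at the first comma; quoted-string parameter
  // values are not supported by this example.
  const match = HEADER.exec(uri.slice(5, comma));
  if (!match) throw invalid();
  const type = match[1] || 'text/plain';
  // RFC 2397 default when the whole media type is omitted: text/plain;charset=US-ASCII
  const params = match[2] || (match[1] ? '' : ';charset=US-ASCII');
  const body = percentDecode(uri.slice(comma + 1));
  if (!match[3]) return { mediaType: type + params, data: body };
  const b64 = body.toString('latin1');
  // Buffer.from(..., 'base64') silently skips invalid characters, so validate first.
  if (b64.length % 4 !== 0 || !/^[A-Za-z0-9+\/]*={0,2}$/.test(b64)) throw invalid();
  return { mediaType: type + params, data: Buffer.from(b64, 'base64') };
}
```
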
