Hi Joe,
thanks for sharing !
Indeed, some of those characters have a special meaning and are able to break the expected behavior, http://www.faqs.org/rfcs/rfc1738.html :
The character "#" is unsafe and should always be encoded because it is used in World Wide Web and in other systems to delimit a URL from a fragment/anchor identifier that might follow it.
More info can be found here: https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Syntax (RFCs are clear but require more than a read to be fully understood ).
Even the SCORM specs tell about the need to use valid URI i.e. by enconding those "unsafe" characters.
HTH,
Matteo