fix: disable HTML escaping in JSON encoder to preserve transaction signatures #258

Merged: ety001 merged 1 commit into next from fix/json-html-escape on Jun 1, 2026
ety001 commented Jun 1, 2026

Problem

Go's json.Marshal escapes HTML special characters (<, >, &) to \uXXXX by default. steemd's FC JSON parser does not understand \u escapes, so a transaction body containing > (common in Markdown blockquotes) would be received as u003e, breaking the signature verification and causing Missing Posting Authority errors.

This only affects long posts/comments that contain these characters. Short comments without HTML special chars are unaffected.

Root Cause

  • Go's encoding/json escapes < → \u003c, > → \u003e, & → \u0026
  • steemd's FC library parseEscape() doesn't support \uXXXX Unicode escapes
  • FC parses \u003e as literal u003e (5 chars) instead of > (1 char)
  • Signature verification fails because body content was altered

Solution

  • Add helpers.MarshalJSONWithoutHTMLEscape() utility function
  • Use json.Encoder with SetEscapeHTML(false) for upstream request serialization
  • Strip trailing newline from Encoder.Encode() to match json.Marshal behavior
  • Apply to both HTTP and WebSocket upstream clients

Files Changed

  • internal/helpers/json.go - New utility function with detailed comments
  • internal/helpers/json_test.go - Unit tests (8 test cases)
  • internal/upstream/http.go - HTTP client uses utility function
  • internal/ws/client.go - WebSocket client uses utility function

Testing

  • Unit tests pass (8/8)
  • Integration tests pass
  • Dev environment deployment verified - long posts with Markdown blockquotes now work correctly

Fixes #258
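
The failure and the fix described in the PR above, as an added Go example that is not part of the PR or the project's code. `marshalNoHTMLEscape` is a hypothetical stand-in for the helper the PR names, `lenientStringValue` is an assumed model of a parser without `\uXXXX` support built from the PR's description rather than from FC's source, and the sample body is constructed.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"strings"
)

// marshalNoHTMLEscape (hypothetical name) encodes v without rewriting
// <, > and & as \u003c, \u003e and \u0026.
func marshalNoHTMLEscape(v any) ([]byte, error) {
	var buf bytes.Buffer
	enc := json.NewEncoder(&buf)
	enc.SetEscapeHTML(false)
	if err := enc.Encode(v); err != nil {
		return nil, err
	}
	// Encode appends "\n"; json.Marshal does not, so strip it.
	return bytes.TrimSuffix(buf.Bytes(), []byte("\n")), nil
}

// Assumed model of a parser with no \uXXXX support: known escapes are
// decoded, while \u just loses its backslash, so \u003e is read as the
// five characters u003e (the behaviour the PR describes).
var lenient = strings.NewReplacer(`\\`, `\`, `\"`, `"`,
	`\n`, "\n", `\r`, "\r", `\t`, "\t", `\u`, "u")

func lenientStringValue(quoted []byte) string {
	return lenient.Replace(string(quoted[1 : len(quoted)-1])) // drop quotes
}

// survives reports whether body reaches the modelled parser byte-for-byte.
func survives(encode func(any) ([]byte, error), body string) bool {
	wire, err := encode(body)
	return err == nil && lenientStringValue(wire) == body
}

func main() {
	body := "> quoted line\nreply with a <b>tag</b> & more" // constructed sample
	fmt.Println("json.Marshal:        ", survives(json.Marshal, body))
	fmt.Println("SetEscapeHTML(false):", survives(marshalNoHTMLEscape, body))
}
```

Any proxy that re-serializes signed content can run the same round-trip check in its tests: the bytes the upstream parser reconstructs must equal the bytes the client signed.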

…gnatures

Go's json.Marshal escapes HTML special chars (<, >, \u0026) to \uXXXX by
default. steemd's FC JSON parser does not understand \u escapes, so a
transaction body containing '>' would be received as 'u003e', breaking the
signature verification and causing 'Missing Posting Authority' errors.

This only affects long posts/comments that contain these characters.

Use json.Encoder with SetEscapeHTML(false) for both HTTP and WebSocket
upstream requests.

Fixes #258
@ety001 ety001 merged commit c645ee3 into next Jun 1, 2026
2 checks passed
@ety001 ety001 deleted the fix/json-html-escape branch June 1, 2026 13:44