defense in depth fix for path traversal in transfer manager #3816

Merged: sbiscigl merged 1 commit into main from transfer-manager-path, May 6, 2026
sbiscigl commented May 5, 2026

Description of changes:

Related to Partial Path Traversal in aws-cpp-sdk-transfer and is a defense in depth fix for further scenarios.

A key like /home/user/dl/safe/../../etc/passwd written to /home/user/dl would trigger this scenario, and would be able to break out of the running directory and write in theory; however, in practice it is non-exploitable given that libcurl will compress the URL by default, resulting in a broken head object failing the transfer. Additionally, S3 no longer allows an object like this to be created server side.

Check all that applies:

  • Did a review by yourself.
  • Added proper tests to cover this PR. (If tests are not applicable, explain.)
  • Checked if this PR is a breaking (APIs have been changed) change.
  • Checked if this PR will not introduce cross-platform inconsistent behavior.
  • Checked if this PR would require a ReadMe/Wiki update.

Check which platforms you have built SDK on to verify the correctness of this PR.

  • Linux
  • Windows
  • Android
  • MacOS
  • IOS
  • Other Platforms

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
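
The containment check that the scenario above calls for, as an added example that is not part of this pull request or of aws-sdk-cpp: normalize the target path lexically, then compare it with the download directory one component at a time. The function names `NormalizeComponents` and `IsWithinDirectory` are hypothetical, and the sample paths other than the one quoted in the description are constructed.

```cpp
// Added example (not aws-sdk-cpp code); function names are hypothetical.
#include <iostream>
#include <string>
#include <vector>

// Split a POSIX-style path on '/', resolving "." and ".." lexically.
// Returns false when ".." would climb above the root.
static bool NormalizeComponents(const std::string& path,
                                std::vector<std::string>& out) {
    std::string part;
    for (std::size_t i = 0; i <= path.size(); ++i) {
        if (i < path.size() && path[i] != '/') { part += path[i]; continue; }
        if (part == "..") {
            if (out.empty()) return false;
            out.pop_back();
        } else if (!part.empty() && part != ".") {
            out.push_back(part);
        }
        part.clear();
    }
    return true;
}

// True only when the normalized target is strictly below baseDir.
// Comparison is per component, so "/home/user/dl-evil" does not match
// "/home/user/dl" the way a raw string-prefix test would.
// Lexical only: symlinks under baseDir are not resolved here.
bool IsWithinDirectory(const std::string& baseDir, const std::string& target) {
    if (baseDir.empty() || target.empty() ||
        baseDir[0] != '/' || target[0] != '/') return false;  // absolute paths only
    std::vector<std::string> base, tgt;
    if (!NormalizeComponents(baseDir, base) ||
        !NormalizeComponents(target, tgt)) return false;
    if (tgt.size() <= base.size()) return false;  // must name something inside
    for (std::size_t i = 0; i < base.size(); ++i)
        if (base[i] != tgt[i]) return false;
    return true;
}

int main() {
    const std::string dir = "/home/user/dl";  // download directory from the PR text
    const char* samples[] = {                 // first path is from the PR text, rest constructed
        "/home/user/dl/safe/../../etc/passwd",
        "/home/user/dl/safe/report.txt",
        "/home/user/dl-evil/report.txt"};
    for (const char* s : samples)
        std::cout << s << " -> " << (IsWithinDirectory(dir, s) ? "allow" : "reject") << "\n";
    return 0;
}
```
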

sbiscigl marked this pull request as ready for review May 5, 2026 19:17
sbiscigl force-pushed the transfer-manager-path branch from ddf8091 to d2c7f17 May 5, 2026 20:29
sbiscigl merged commit 8a7afda into main May 6, 2026
3 of 6 checks passed
sbiscigl deleted the transfer-manager-path branch May 6, 2026 14:56