Missing escaping of values (and keys)

The key and values are not escaped in `OneSkyRequest` when building the query string and the JSON payload. Therefore, if these contain forbidden characters, this will cause the call to fail, misbehave and it opens an attack vector (changing what the operation does through injection of specially crafted value).