Cleaning "Unsafe" WordPress URLs with a Virtual Host

Hello, everyone!

This post is in reference to this article from 2013. In it, the author identified the following characters that should be encoded in URLs for security reasons: “{”, “}”, “|”, “\”, “^”, “~”, “[”, “]”, and “`”. Also in the article, the author indicated that an earlier version of WordPress (3.5) used at least some of these characters (such as square brackets) by default.

I am looking to automatically remove specific unsafe characters from user-submitted URLs by using specific rewrite protocols associated with a virtual host. (I already know how to do this.) However, I want to make sure that I am eliminating only those “unsafe” characters that are NOT essential to WordPress operations.

Put another way, which of the “unsafe” characters listed above are safe to eliminate from URL requests associated with my website?