Add missing url encoding to protocol relative URLs

Protocol relative URLs were missed from the changes in #11092 as they
are handled by a different code branch.

src/View/Helper/UrlHelper.php

@@ -159,7 +159,7 @@ class UrlHelper extends Helper
             $path .= $options['ext'];
         }
         if (preg_match('|^([a-z0-9]+:)?//|', $path)) {
-            return $path;
+            return $this->build($path);
         }
         if (isset($plugin)) {
             $path = Inflector::underscore($plugin) . '/' . $path;

tests/TestCase/View/Helper/HtmlHelperTest.php

@@ -358,7 +358,10 @@ class HtmlHelperTest extends TestCase
 
         $result = $this->Html->image('x:"><script>alert(1)</script>');
         $expected = ['img' => ['src' => 'x:&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt;', 'alt' => '']];
+        $this->assertHtml($expected, $result);
 
+        $result = $this->Html->image('//google.com/"><script>alert(1)</script>');
+        $expected = ['img' => ['src' => '//google.com/&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt;', 'alt' => '']];
         $this->assertHtml($expected, $result);
     }