[FIX] web_editor: use strict equal instead of =like in shape controller

Currently, the shape controller uses =like when looking for an
attachment with a matching URL, but what is compared against is the
request's path. While this is not a security issue as we know the path
starts with the controller's route and only look for public attachments,
it's still undesirable as the end of the url may contain underscores or
percent and we do not want those to be interpreted as a pattern.

closes odoo/odoo#86623

Signed-off-by: Quentin Smetz (qsm) <qsm@odoo.com>