My answer would probably be to add this to Request's internal parsing stage.
if (strpos(self::$path, '//')) Bomb::http(400);
In fact, I'm adding that now. Also why my HTTP bomb supports the full range of 400 and 500 errors. There are cases where something other than 404 is appropriate. 400 "Bad Request" fitting the bill nicely here.
That will be #00033 on the changelog in the next milestone.
Though I'm not entirely sure why this is a problem, since if you don't create a link to a URI like that, how would it come to exist on anything that would use it? Not like it's going to muck up search unless some asshat intentionally sabotages you in back-links.
Which... ok, that's reason enough to add that fix. Thanks. Helpful.