
Don't percent-decode filename value in Content-Disposition.

We percent-decode only the filename* value in Content-Disposition because
its encoding is fully specified. The encoding of the plain filename value
is not, so we accept it as is.
Tatsuhiro Tsujikawa 13 سال پیش
والد
کامیت
f1017d5def
2فایلهای تغییر یافته به همراه6 افزوده شده و 3 حذف شده
  1. 3 2
      src/util.cc
  2. 3 1
      test/UtilTest.cc

+ 3 - 2
src/util.cc

@@ -929,8 +929,9 @@ std::string getContentDispositionFilename(const std::string& header)
         filenameLast = value.end();
       }
       static const std::string TRIMMED("\r\n\t '\"");
-      value = percentDecode(value.begin(), filenameLast);
-      value = strip(value, TRIMMED);
+      std::pair<std::string::iterator, std::string::iterator> vi =
+        util::stripIter(value.begin(), filenameLast, TRIMMED);
+      value.assign(vi.first, vi.second);
       value.erase(std::remove(value.begin(), value.end(), '\\'), value.end());
       if(!detectDirTraversal(value) && value.find("/") == std::string::npos) {
         filename = value;
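Review bot: The `detectDirTraversal(value)` and `value.find("/")` checks that follow the new `stripIter`/`assign` lines now run on the undecoded bytes, so a value such as `%2E%2E%2Ffoo.html` passes and is returned verbatim. That is safe only as long as nothing downstream percent-decodes the returned name before using it as a path, which this hunk does not show. I would record that contract next to the change, e.g. `// filename (unlike filename*) is not percent-decoded; callers must not decode the result, or the traversal check below no longer holds.` The body of getContentDispositionFilename starts and ends outside the hunk, so whether the filename* branch still decodes before its own check cannot be confirmed from here.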

+ 3 - 1
test/UtilTest.cc

@@ -872,8 +872,10 @@ void UtilTest::testGetContentDispositionFilename() {
   CPPUNIT_ASSERT_EQUAL(std::string("foo;bar"),
                        util::getContentDispositionFilename(semicolonInside));
 
+  // Unescaping %2E%2E%2F produces "../". But since we won't unescape,
+  // we just accept it as is.
   CPPUNIT_ASSERT_EQUAL
-    (std::string(""),
+    (std::string("%2E%2E%2Ffoo.html"),
      util::getContentDispositionFilename("filename=\"%2E%2E%2Ffoo.html\""));
 
   // RFC2231 Section4
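Review bot: The updated assertion pins that the encoded form is returned unchanged, but the hunk no longer shows a case asserting that a literal traversal in the plain filename parameter is still rejected. If that is not covered elsewhere in testGetContentDispositionFilename (the function extends beyond this hunk), add one next to it, e.g. `CPPUNIT_ASSERT_EQUAL(std::string(""), util::getContentDispositionFilename("filename=\"../foo.html\""));`. This keeps the rejection path under test after this change.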