Remove the filename argument from Content-Disposition header to avoid

RFC 5987 and RFC 6266 encoding issues. This change allows the browser
to determine the filename based on the URL.

See: http://greenbytes.de/tech/tc2231/

Closes https://github.com/gitlabhq/gitlabhq/issues/9595

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/1829

CHANGELOG

 Please view this file on the master branch, on stable branches it's out of date.
 
 v 8.0.0 (unreleased)
+  - Omit filename in Content-Disposition header in raw file download to avoid RFC 6266 encoding issues (Stan HU)
   - Prevent anchors from being hidden by header (Stan Hu)
   - Fix bug where only the first 15 Bitbucket issues would be imported (Stan Hu)
   - Sort issues by creation date in Bitbucket importer (Stan Hu)

app/controllers/projects/raw_controller.rb

@@ -17,8 +17,7 @@ class Projects::RawController < Projects::ApplicationController
       send_data(
         @blob.data,
         type: type,
-        disposition: 'inline',
-        filename: @blob.name
+        disposition: 'inline'
       )
     else
       not_found!

spec/controllers/projects/raw_controller_spec.rb

+require 'spec_helper'
+
+describe Projects::RawController do
+  let(:public_project) { create(:project, :public) }
+
+  describe "#show" do
+    context 'regular filename' do
+      let(:id) { 'master/README.md' }
+
+      it 'delivers ASCII file' do
+        get(:show,
+            namespace_id: public_project.namespace.to_param,
+            project_id: public_project.to_param,
+            id: id)
+
+        expect(response.status).to eq(200)
+        expect(response.header['Content-Type']).to eq('text/plain; charset=utf-8')
+        expect(response.header['Content-Disposition']).
+            to eq("inline")
+      end
+    end
+  end
+end