Previous approach replaced " with ' which corrupts the actual filename.
RFC 2183 specifies that within a quoted-string, backslash is the escape
character. Now properly escapes both \ and " with backslash prefix.
The UTF-8 filename* parameter uses percent-encoding which correctly
preserves the original filename for modern clients.
Quotes in filenames would cause malformed Content-Disposition headers:
filename="file"name.png" ← Invalid header with unbalanced quotes
Now quotes are replaced with single quotes in the ASCII fallback while
the UTF-8 filename* uses proper percent-encoding (%22).
The Content-Disposition header was missing the required disposition-type
(attachment;) and proper encoding for non-ASCII filenames.
Changes:
- Add `create_content_disposition_header()` helper function
- Update all 4 Content-Disposition headers in view_image endpoint
- Provide ASCII fallback filename for legacy clients
- Add RFC 5987 UTF-8 encoded filename* parameter for international support
This fixes third-party download libraries (e.g., Go's mime.ParseMediaType)
failing to parse the filename correctly.
Fixes#8914
