Support escape character in ContentDisposition

Closes gh-23077

Author: rstoyanchev

spring-web/src/main/java/org/springframework/http/ContentDisposition.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2019 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -331,16 +331,18 @@ private static List<String> tokenize(String headerValue) {
 			do {
 				int nextIndex = index + 1;
 				boolean quoted = false;
+				boolean escaped = false;
 				while (nextIndex < headerValue.length()) {
 					char ch = headerValue.charAt(nextIndex);
 					if (ch == ';') {
 						if (!quoted) {
 							break;
 						}
 					}
-					else if (ch == '"') {
+					else if (!escaped && ch == '"') {
 						quoted = !quoted;
 					}
+					escaped = (!escaped && ch == '\\');
 					nextIndex++;
 				}
 				String part = headerValue.substring(index + 1, nextIndex).trim();

spring-web/src/test/java/org/springframework/http/ContentDispositionTests.java

@@ -79,6 +79,14 @@ public void parseEncodedFilename() {
 				.filename("中文.txt", StandardCharsets.UTF_8).build(), disposition);
 	}
 
+	@Test // gh-23077
+	public void parseWithEscapedQuote() {
+		ContentDisposition disposition = ContentDisposition.parse(
+				"form-data; name=\"file\"; filename=\"\\\"The Twilight Zone\\\".txt\"; size=123");
+		assertEquals(ContentDisposition.builder("form-data").name("file")
+				.filename("\\\"The Twilight Zone\\\".txt").size(123L).build(), disposition);
+	}
+
 	@Test(expected = IllegalArgumentException.class)
 	public void parseEmpty() {
 		ContentDisposition.parse("");