Fix bug in HTTP header parameter value parsing.

The `preserveBackslash` flag should preserve
backslashes before any non-`"` character,
not before any non-`\` character.

Change-Id: I3270f3b1b6c678e712e27a1cf4557558c883610b
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/452781
Reviewed-by: Nate Bosch <nbosch@google.com>
Commit-Queue: Ivan Inozemtsev <iinozemtsev@google.com>
Reviewed-by: Ivan Inozemtsev <iinozemtsev@google.com>

Author: lrhn

sdk/lib/_http/http_headers.dart

@@ -851,7 +851,7 @@ class _HeaderValue implements HeaderValue {
               if (index < source.length) {
                 char = source.codeUnitAt(index);
                 index++;
-                if (preserveBackslash && char != _CharCode.BACKSLASH) {
+                if (preserveBackslash && char != _CharCode.QUOTE) {
                   sb.writeCharCode(_CharCode.BACKSLASH);
                 }
                 sb.writeCharCode(char);

tests/standalone/io/http_headers_test.dart

@@ -820,7 +820,65 @@ void testForEach() {
   Expect.equals(4, totalValues);
 }
 
-main() {
+void testPreserveBackslash() {
+  // The `preserveBackslash` parameter of `HttpValue.parse` makes `\`s in
+  // property values be retained, except if before a `"`.
+  // (Is only allowed inside a `"..."`-quoted value.?)
+  final _backslashRE = RegExp(r'\\.');
+
+  // Preserves every `\` escaping a non-`"` character.
+  String preserve(Match m) {
+    // Preserve entire `\.` match unless `.` is `"`.
+    if (!m.input.startsWith('"', m.start + 1)) return m[0]!;
+    return '"';
+  }
+
+  // Preserves no escaping `\`.
+  String remove(Match m) => m.input[m.start + 1];
+
+  for (var preserveBackslash in [false, true]) {
+    void testInput(String input) {
+      var headerValue = HeaderValue.parse(
+        'value; name="$input"',
+        preserveBackslash: preserveBackslash,
+      );
+      Expect.stringEquals(
+        input.replaceAllMapped(
+          _backslashRE,
+          preserveBackslash ? preserve : remove,
+        ),
+        headerValue.parameters['name']!,
+        "$input (${preserveBackslash ? "preserved" : "removed"})",
+      );
+    }
+
+    testInput(r'\\');
+    testInput(r'\"');
+    testInput(r'\ ');
+    testInput(r'text\ \a\"text');
+    testInput(r'text\"\\\"');
+    testInput(r'\"; abc=\\\"');
+
+    // An escaping `\` cannot be last character of an input.
+    Expect.throws(
+      () => HeaderValue.parse(r'value; name="abc\"'),
+      null,
+      "Trailing backslash (${preserveBackslash ? "preserved" : "removed"})",
+    );
+
+    // Unquoted values do not treat backslash as escape,
+    // and ignore `preserveBackslash`. Backslash is just a another valid
+    // character and can occur anywhere until a terminator character.
+    var input = r'abc\"\de\';
+    Expect.stringEquals(
+      input,
+      HeaderValue.parse('value; name=$input').parameters['name']!,
+      "Escaping in unquoted value (${preserveBackslash ? "preserved" : "removed"})",
+    );
+  }
+}
+
+void main() {
   testMultiValue();
   testDate();
   testExpires();
@@ -843,4 +901,5 @@ main() {
   testLowercaseAdd();
   testLowercaseSet();
   testForEach();
+  testPreserveBackslash();
 }