Download patch file with /patch?zip or /patch?download

For ?zip compress the patch file text inside of a ZIP archive.
The inner file name is "commitsha1.diff". Modern UI shells on
Windows, Mac OS X and Linux make it easy to unpack the compressed
ZIP file to get access to the raw text.

For ?download a filename is suggested in the Content-Disposition
response header, suggesting the browser to download the base64
encoded stream to the local drive as "commitsha1.diff.base64".

Encoding the patch is necessary to prevent XSS attacks made against
the Gerrit site. The ZIP wrapping does not allow an attacker to
make a valid Java applet; the filename ending in ".diff" is not
a valid Java class file name. The base64 wrapping can only be
treated as plain text by a browser as it does not contain HTML
special characters.

Change-Id: Ia4c41e51c5f57607c45e2588629a88b47e1d9d09
This commit is contained in:
David Ostrovsky
2013-08-22 00:24:51 -07:00
committed by Shawn Pearce
parent 888161bb20
commit 973f38bc4a
4 changed files with 70 additions and 2 deletions


@@ -62,6 +62,7 @@ public abstract class BinaryResult implements Closeable {
private long contentLength = -1;
private boolean gzip = true;
private boolean base64 = false;
private String attachmentName;
/** @return the MIME type of the result, for HTTP clients. */
public String getContentType() {
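Review bot: the new `attachmentName` field has no comment saying what an unset value means, while the neighbouring fields carry explicit defaults (`contentLength = -1`, `gzip = true`, `base64 = false`). A one-line comment on the field stating that null means no attachment file name is suggested to the client would make the contract visible at the declaration, not only in the getter's Javadoc.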
@@ -89,6 +90,17 @@ public abstract class BinaryResult implements Closeable {
return this;
}
/** Get the attachment file name; null if not set. */
public String getAttachmentName() {
return attachmentName;
}
/** Set the attachment file name and return {@code this}. */
public BinaryResult setAttachmentName(String attachmentName) {
this.attachmentName = attachmentName;
return this;
}
/** @return length in bytes of the result; -1 if not known. */
public long getContentLength() {
return contentLength;
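Review bot: `setAttachmentName(String attachmentName)` stores its argument without any validation, and the commit message says this value is suggested to the browser in the Content-Disposition response header. Either the setter or the code that writes the header should reject or escape CR, LF and double-quote characters, so that a name built from anything other than a commit SHA-1 cannot alter the header. The Javadoc should also state whether passing null is allowed as a way to clear a previously set name.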