jshttp / content-disposition

Create and parse HTTP Content-Disposition header

should decode the header value #33

Closed sharh closed 4 years ago

sharh commented 4 years ago
```js
var PARAM_REGEXP = /;[\x09\x20]*([!#$%&'*+.0-9A-Z^_`a-z|~-]+)[\x09\x20]*=[\x09\x20]*("(?:[\x20!\x23-\x5b\x5d-\x7e\x80-\xff]|\\[\x20-\x7e])*"|[!#$%&'*+.0-9A-Z^_`a-z|~-]+)[\x09\x20]*/g // eslint-disable-line no-control-regex
var match = PARAM_REGEXP.exec('attachment; filename=%E6%B4%BB%E5%8A%A8%E5%B9%B3%E5%8F%B0 - %E6%91%87%E4%B8%80%E6%91%87%E6%B4%BB%E5%8A%A8%E9%85%8D%E7%BD%AE.pptx')
```

This cannot match a space.

PARAM_REGEXP should be changed to:

```js
var PARAM_REGEXP = /;[\x09\x20]*([!#$%&'*+.0-9A-Z^_`a-z|~-]+)[\x09\x20]*=[\x09\x20]*("(?:[\x20!\x23-\x5b\x5d-\x7e\x80-\xff]|\\[\x20-\x7e])*"|[!#$%&'*+.0-9A-Z^_`a-z|~-\s]+)[\x09\x20]*/g // eslint-disable-line no-control-regex
```

And then, in here, the value should be passed through decodeURIComponent:

```js
// decode value like: "%2B" means "+", it's very normal.
params[key] = decodeURIComponent(value)
```

dougwilson commented 4 years ago

The regular expression matches the actual spec in https://tools.ietf.org/html/rfc6266. The filename attribute's value cannot contain a space character unless you enclose it in double quotes. The specification also does not say the value is URI encoded, unless you can point out where that is stated in https://tools.ietf.org/html/rfc6266.
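
Added example, not part of the original thread or of the content-disposition code base: a strict parameter scan built on the `PARAM_REGEXP` quoted above rejects the unquoted header from the report, while the same name is accepted as a quoted string or as an RFC 5987 `filename*` ext-value, the form for which RFC 6266 does define percent-decoding. `parseParams`, `encodeExtValue`, `decodeExtValue` and `NAME` are names assumed for this example.

```javascript
// Added example; only PARAM_REGEXP and the encoded file name come from the issue.
const PARAM_REGEXP = /;[\x09\x20]*([!#$%&'*+.0-9A-Z^_`a-z|~-]+)[\x09\x20]*=[\x09\x20]*("(?:[\x20!\x23-\x5b\x5d-\x7e\x80-\xff]|\\[\x20-\x7e])*"|[!#$%&'*+.0-9A-Z^_`a-z|~-]+)[\x09\x20]*/g // eslint-disable-line no-control-regex

// Constructed sample: the issue's file name, percent-decoded to Unicode.
const NAME = decodeURIComponent('%E6%B4%BB%E5%8A%A8%E5%B9%B3%E5%8F%B0 - %E6%91%87%E4%B8%80%E6%91%87%E6%B4%BB%E5%8A%A8%E9%85%8D%E7%BD%AE.pptx')

// Strict scan: every byte after the disposition type must belong to a
// parameter match, so a stray space in an unquoted value rejects the header.
function parseParams (header) {
  const params = {}
  let index = header.indexOf(';')
  if (index === -1) return params
  let match
  PARAM_REGEXP.lastIndex = index
  while ((match = PARAM_REGEXP.exec(header)) !== null) {
    if (match.index !== index) return null // unparsed gap: invalid header
    index += match[0].length
    let value = match[2]
    if (value[0] === '"') { // quoted-string: strip quotes, unescape pairs
      value = value.slice(1, -1).replace(/\\([\x20-\x7e])/g, '$1')
    }
    params[match[1].toLowerCase()] = value
  }
  return index === header.length ? params : null
}

// RFC 5987 ext-value, the encoding RFC 6266 uses for the filename* parameter.
function encodeExtValue (name) {
  return "UTF-8''" + encodeURIComponent(name)
    .replace(/['()*]/g, c => '%' + c.charCodeAt(0).toString(16).toUpperCase())
}

// Percent-decoding is applied only to an ext-value, never to a plain token.
function decodeExtValue (value) {
  const m = /^UTF-8'[^']*'(.*)$/i.exec(value)
  if (!m) return null
  try { return decodeURIComponent(m[1]) } catch (e) { return null } // bad %XX
}

console.log(parseParams('attachment; filename=a - b.pptx'))
console.log(parseParams('attachment; filename="a - b.pptx"'))
console.log(parseParams('attachment; filename*=' + encodeExtValue(NAME)))
```

A literal `%` in a file name makes `decodeURIComponent` throw, so confining decoding to `filename*` values keeps a plain `filename` token from turning into a parse error.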