RadosGW returns requested bucket name in "Bucket" response header.
Issue
- RadosGW copies whatever string it parsed as the requested bucket name, unescaped, into the Bucket response header. The name is taken straight from the URL path, so a percent-encoded CR LF in the path becomes a line break inside the header block and everything after it is parsed as a separate header (HTTP response header injection):
$ curl -i "objects.domain.com/nothing-to-see-here%22%0D%0AContent-type%3A%20%22image-jpg";echo
HTTP/1.1 400 Bad Request
Bucket: "nothing-to-see-here"
Content-type: "image-jpg"
Content-Length: 83
Accept-Ranges: bytes
Content-type: application/xml
Date: Mon, 27 Jul 2015 22:57:11 GMT
<?xml version="1.0" encoding="UTF-8"?><Error><Code>InvalidBucketName</Code></Error>
- It is equally trivial to make radosgw emit responses that are not valid HTTP at all. In the following case the 502 comes from HAProxy, which sits in front of the RGW and rejects the malformed upstream response, as it should:
$ curl -i "objects.domain.com/nothing-to-see-here%22%0D%0AContent-Length%3A%20%2282";echo
HTTP/1.0 502 Bad Gateway
Cache-Control: no-cache
Connection: close
Content-Type: text/html
<html><body><h1>502 Bad Gateway</h1>
- RadosGW should sanitize the bucket name before including it in the Bucket header, for example by percent-encoding it or by rejecting any name that contains CR, LF or other control characters. That makes it impossible to inject new headers, data, or anything else that looks like a meaningful part of a real HTTP response.
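As an added example (not code from this page or from Ceph), the following Python models the two curl reproductions above: it extracts the bucket name from the path the way the report describes, builds the header block once with the raw name and once with the name percent-encoded, and then parses both the way a client or proxy would, counting how many Content-type or Content-Length headers the attacker ends up controlling. The request paths are copied from the page; the response builders, sanitize_header_value, and the conservative is_valid_bucket_name check (simplified S3 bucket naming rules) are assumptions made for illustration, not RGW's own code.

```python
import re
from urllib.parse import quote, unquote

# Request paths copied from the two curl reproductions on this page; the
# bucket segment carries a quote, CR LF and a forged header.
INJECTED_TYPE_PATH = "/nothing-to-see-here%22%0D%0AContent-type%3A%20%22image-jpg"
INJECTED_LENGTH_PATH = "/nothing-to-see-here%22%0D%0AContent-Length%3A%20%2282"


def bucket_from_path(path: str) -> str:
    """First path segment, percent-decoded: the string RGW treats as the bucket name."""
    return unquote(path.lstrip("/").split("/", 1)[0])


def vulnerable_response(bucket: str) -> bytes:
    """Hypothetical model of the reported behaviour (not RGW's code): the decoded
    bucket name is interpolated into the header block verbatim, CR LF included."""
    head = (
        "HTTP/1.1 400 Bad Request\r\n"
        f'Bucket: "{bucket}"\r\n'
        "Content-Length: 83\r\n"
        "Content-type: application/xml\r\n"
        "\r\n"
    )
    return head.encode("utf-8")


def sanitize_header_value(value: str) -> str:
    """Percent-encode everything except unreserved characters, so CR, LF,
    quotes and other separators can never end the header or start a new one."""
    return quote(value, safe="")


def safe_response(bucket: str) -> bytes:
    """Same header block, but the bucket name is encoded before interpolation."""
    head = (
        "HTTP/1.1 400 Bad Request\r\n"
        f'Bucket: "{sanitize_header_value(bucket)}"\r\n'
        "Content-Length: 83\r\n"
        "Content-type: application/xml\r\n"
        "\r\n"
    )
    return head.encode("utf-8")


# Fail-closed alternative: simplified S3 bucket naming rules (an assumption
# here, not RGW's own validator). Anything outside this set is rejected before
# it can reach a header at all.
_BUCKET_NAME = re.compile(r"[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]")


def is_valid_bucket_name(name: str) -> bool:
    """True only for 3-63 chars of lowercase letters, digits, dots and hyphens."""
    return _BUCKET_NAME.fullmatch(name) is not None


def parse_headers(raw: bytes) -> list:
    """Split a response head the way a client or proxy would: status line first,
    then one (name, value) pair per CR LF-terminated line up to the blank line."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("utf-8")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return headers


def count_header(raw: bytes, name: str) -> int:
    """Number of headers with the given name (case-insensitive) in the response head."""
    return sum(1 for n, _ in parse_headers(raw) if n.lower() == name.lower())


if __name__ == "__main__":
    for path, injected in ((INJECTED_TYPE_PATH, "Content-type"),
                           (INJECTED_LENGTH_PATH, "Content-Length")):
        bucket = bucket_from_path(path)
        print(path)
        print(f"  valid bucket name: {is_valid_bucket_name(bucket)}")
        print(f"  raw:     {count_header(vulnerable_response(bucket), injected)} x {injected}")
        print(f"  encoded: {count_header(safe_response(bucket), injected)} x {injected}")
```

Percent-encoding is the minimal fix that preserves the header's informational value; rejecting the request outright with is_valid_bucket_name is the stricter option, and the two can be combined so that the encoder is only a last line of defence.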
Environment
- Upstream Ceph Firefly 0.80.10-1-g364151a (364151acb8d5cd4e2ad8c670c5882bf1be48a6ac)
- RGW with CivetWeb (0.80.10-1-g364151a-1precise)
- Ubuntu Precise (12.04)