I didn't get this, What update exactly you are looking for? As I have
mentioned in first reply, it is a security request filter at sling level
responsible for this, uncheck the option (Enable Content Disposition for
all paths) at filter takes you to the old behavior. It is a not a bug
rather security improvement.