Exploit the "data" URL scheme to bypass security policy
Reported by tiebuc...@gmail.com, Jul 6 2016
Issue description

VERSION
Chrome Version: [51.0.2704.106m] + [stable]
Operating System: [Windows 7 SP1]

REPRODUCTION CASE
1. Encode an EXE file to base64 format. And I use the BinaryViewer (http://www.proxoft.com/BinaryViewer.aspx).
2. Build a website with the data protocol. Just like: <a href="data:image/bmp;base64,base64data(get from step 1). PS: the mediatype can be defined as any string, it doesn't matter.
3. Set the "download" property as "poc.exe".
4. Click & download the file.
See the poc.html.

By the way: I am not sure whether it is a vulnerability, but I think it is a dangerous feature and belongs to the browser security issue. I can exploit this feature to do many "funny" things.
1. As a website manager, I can save any type of binary file in the webpage directly. As a result, when people download these files, the malware can bypass the Firewall/IPS/UTM/etc. easily.
2. As a visitor, I can submit the binary file (malware) to the webserver as a part of the comment code, just like the storage type XSS.
3. It can fool users into downloading something that is different from what they think, because the mediatype in the data protocol can be defined by ourselves.
4. And so on.

PS: IE & Safari don't have this problem.
Mar 10 2017
For all Download Protection VRP bugs: removing label Restrict-View-Google and adding Restrict-View-SecurityTeam instead.
Apr 22 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by vakh@chromium.org, Jul 15 2016
Status: Duplicate (was: Unconfirmed)
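A defender-side check for the pattern the issue description reports, as an added example (not part of the original issue and not Chromium code): it scans HTML, such as user-submitted comment markup, for <a> links whose data: URL payload begins with an executable file signature, whatever media type the link declares. The function names, the signature table and the sample markup are assumptions constructed for illustration.

```python
import base64
from html.parser import HTMLParser
from urllib.parse import unquote_to_bytes

# File signatures checked at the start of the decoded payload (short, not exhaustive).
MAGIC = {b"MZ": "PE/DOS executable", b"\x7fELF": "ELF executable"}

def decode_data_url(url):
    """Return (declared media type, payload bytes) for a data: URL, else None."""
    if not url.lower().startswith("data:"):
        return None
    header, comma, body = url[5:].partition(",")
    if not comma:
        return None
    params = [p.strip().lower() for p in header.split(";")]
    raw = unquote_to_bytes(body)
    if "base64" in params[1:]:
        raw = b"".join(raw.split())  # drop whitespace inserted to wrap long payloads
        try:
            raw = base64.b64decode(raw + b"=" * (-len(raw) % 4))
        except ValueError:  # malformed base64: nothing to inspect
            raw = b""
    return params[0] or "text/plain", raw

class DataLinkScanner(HTMLParser):
    """Records <a href="data:..."> links whose payload starts with a known signature."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        decoded = decode_data_url((attr.get("href") or "").strip()) if tag == "a" else None
        if decoded is None:
            return
        declared, payload = decoded
        actual = next((name for sig, name in MAGIC.items() if payload.startswith(sig)), None)
        if actual:  # the declared media type is attacker-chosen, so it is only reported
            self.findings.append({"download": attr.get("download"),
                                  "declared": declared, "actual": actual})

def scan_html(html):
    scanner = DataLinkScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample: "MZ" plus zero padding (not a runnable program), labelled as a bitmap.
SAMPLE = ('<a href="data:image/bmp;base64,%s" download="poc.exe">photo</a>'
          % base64.b64encode(b"MZ" + b"\x00" * 62).decode())
```

Calling scan_html(SAMPLE) returns one finding that pairs the declared media type with the signature actually found; a link whose payload really is a bitmap produces none.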