RubyGems - actionpack - Versions diffs - 2.2.3 → 2.3.2 - Mend

actionpack 2.2.3 → 2.3.2

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (264) hide show

data/CHANGELOG +433 -375
data/MIT-LICENSE +1 -1
data/README +21 -75
data/Rakefile +1 -1
data/lib/action_controller.rb +80 -43
data/lib/action_controller/assertions/model_assertions.rb +1 -0
data/lib/action_controller/assertions/response_assertions.rb +43 -16
data/lib/action_controller/assertions/routing_assertions.rb +1 -1
data/lib/action_controller/assertions/selector_assertions.rb +17 -12
data/lib/action_controller/assertions/tag_assertions.rb +1 -4
data/lib/action_controller/base.rb +153 -82
data/lib/action_controller/benchmarking.rb +9 -9
data/lib/action_controller/caching.rb +9 -11
data/lib/action_controller/caching/actions.rb +11 -18
data/lib/action_controller/caching/fragments.rb +28 -20
data/lib/action_controller/caching/pages.rb +13 -15
data/lib/action_controller/caching/sweeping.rb +2 -2
data/lib/action_controller/cgi_ext.rb +0 -1
data/lib/action_controller/cgi_ext/cookie.rb +2 -0
data/lib/action_controller/cgi_process.rb +54 -162
data/lib/action_controller/cookies.rb +13 -25
data/lib/action_controller/dispatcher.rb +43 -122
data/lib/action_controller/failsafe.rb +52 -0
data/lib/action_controller/flash.rb +38 -47
data/lib/action_controller/helpers.rb +13 -9
data/lib/action_controller/http_authentication.rb +203 -23
data/lib/action_controller/integration.rb +126 -70
data/lib/action_controller/layout.rb +36 -39
data/lib/action_controller/middleware_stack.rb +119 -0
data/lib/action_controller/middlewares.rb +13 -0
data/lib/action_controller/mime_responds.rb +19 -4
data/lib/action_controller/mime_type.rb +8 -0
data/lib/action_controller/params_parser.rb +71 -0
data/lib/action_controller/performance_test.rb +0 -1
data/lib/action_controller/polymorphic_routes.rb +36 -30
data/lib/action_controller/reloader.rb +14 -0
data/lib/action_controller/request.rb +107 -499
data/lib/action_controller/request_forgery_protection.rb +7 -39
data/lib/action_controller/rescue.rb +55 -35
data/lib/action_controller/resources.rb +34 -31
data/lib/action_controller/response.rb +99 -57
data/lib/action_controller/rewindable_input.rb +28 -0
data/lib/action_controller/routing.rb +7 -7
data/lib/action_controller/routing/builder.rb +4 -1
data/lib/action_controller/routing/optimisations.rb +1 -1
data/lib/action_controller/routing/recognition_optimisation.rb +1 -2
data/lib/action_controller/routing/route.rb +15 -5
data/lib/action_controller/routing/route_set.rb +82 -35
data/lib/action_controller/routing/segments.rb +35 -0
data/lib/action_controller/session/abstract_store.rb +181 -0
data/lib/action_controller/session/cookie_store.rb +197 -175
data/lib/action_controller/session/mem_cache_store.rb +36 -83
data/lib/action_controller/session_management.rb +26 -134
data/lib/action_controller/streaming.rb +24 -7
data/lib/action_controller/templates/rescues/diagnostics.erb +2 -2
data/lib/action_controller/templates/rescues/template_error.erb +2 -2
data/lib/action_controller/test_case.rb +87 -30
data/lib/action_controller/test_process.rb +145 -104
data/lib/action_controller/uploaded_file.rb +44 -0
data/lib/action_controller/url_rewriter.rb +3 -6
data/lib/action_controller/vendor/html-scanner.rb +16 -0
data/lib/action_controller/vendor/html-scanner/html/selector.rb +1 -1
data/lib/action_controller/vendor/rack-1.0/rack.rb +89 -0
data/lib/action_controller/vendor/rack-1.0/rack/adapter/camping.rb +22 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/handler.rb +37 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/request.rb +37 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb +58 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/md5.rb +124 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/nonce.rb +51 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/params.rb +55 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/request.rb +40 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/openid.rb +480 -0
data/lib/action_controller/vendor/rack-1.0/rack/builder.rb +63 -0
data/lib/action_controller/vendor/rack-1.0/rack/cascade.rb +36 -0
data/lib/action_controller/vendor/rack-1.0/rack/chunked.rb +49 -0
data/lib/action_controller/vendor/rack-1.0/rack/commonlogger.rb +61 -0
data/lib/action_controller/vendor/rack-1.0/rack/conditionalget.rb +45 -0
data/lib/action_controller/vendor/rack-1.0/rack/content_length.rb +29 -0
data/lib/action_controller/vendor/rack-1.0/rack/content_type.rb +23 -0
data/lib/action_controller/vendor/rack-1.0/rack/deflater.rb +85 -0
data/lib/action_controller/vendor/rack-1.0/rack/directory.rb +153 -0
data/lib/action_controller/vendor/rack-1.0/rack/file.rb +88 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler.rb +48 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/cgi.rb +61 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/evented_mongrel.rb +8 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/fastcgi.rb +89 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/lsws.rb +55 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/mongrel.rb +84 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/scgi.rb +59 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/swiftiplied_mongrel.rb +8 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/thin.rb +18 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/webrick.rb +67 -0
data/lib/action_controller/vendor/rack-1.0/rack/head.rb +19 -0
data/lib/action_controller/vendor/rack-1.0/rack/lint.rb +462 -0
data/lib/action_controller/vendor/rack-1.0/rack/lobster.rb +65 -0
data/lib/action_controller/vendor/rack-1.0/rack/lock.rb +16 -0
data/lib/action_controller/vendor/rack-1.0/rack/methodoverride.rb +27 -0
data/lib/action_controller/vendor/rack-1.0/rack/mime.rb +204 -0
data/lib/action_controller/vendor/rack-1.0/rack/mock.rb +160 -0
data/lib/action_controller/vendor/rack-1.0/rack/recursive.rb +57 -0
data/lib/action_controller/vendor/rack-1.0/rack/reloader.rb +64 -0
data/lib/action_controller/vendor/rack-1.0/rack/request.rb +241 -0
data/lib/action_controller/vendor/rack-1.0/rack/response.rb +179 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/abstract/id.rb +142 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/cookie.rb +91 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/memcache.rb +109 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/pool.rb +100 -0
data/lib/action_controller/vendor/rack-1.0/rack/showexceptions.rb +349 -0
data/lib/action_controller/vendor/rack-1.0/rack/showstatus.rb +106 -0
data/lib/action_controller/vendor/rack-1.0/rack/static.rb +38 -0
data/lib/action_controller/vendor/rack-1.0/rack/urlmap.rb +55 -0
data/lib/action_controller/vendor/rack-1.0/rack/utils.rb +392 -0
data/lib/action_controller/verification.rb +1 -1
data/lib/action_pack.rb +1 -1
data/lib/action_pack/version.rb +2 -2
data/lib/action_view.rb +22 -17
data/lib/action_view/base.rb +53 -79
data/lib/action_view/erb/util.rb +38 -0
data/lib/action_view/helpers.rb +24 -5
data/lib/action_view/helpers/active_record_helper.rb +2 -2
data/lib/action_view/helpers/asset_tag_helper.rb +81 -50
data/lib/action_view/helpers/atom_feed_helper.rb +1 -1
data/lib/action_view/helpers/benchmark_helper.rb +26 -5
data/lib/action_view/helpers/date_helper.rb +82 -7
data/lib/action_view/helpers/form_helper.rb +295 -64
data/lib/action_view/helpers/form_options_helper.rb +160 -18
data/lib/action_view/helpers/form_tag_helper.rb +2 -2
data/lib/action_view/helpers/number_helper.rb +31 -18
data/lib/action_view/helpers/prototype_helper.rb +2 -12
data/lib/action_view/helpers/sanitize_helper.rb +0 -10
data/lib/action_view/helpers/scriptaculous_helper.rb +1 -0
data/lib/action_view/helpers/tag_helper.rb +3 -4
data/lib/action_view/helpers/text_helper.rb +99 -122
data/lib/action_view/helpers/translation_helper.rb +19 -1
data/lib/action_view/helpers/url_helper.rb +25 -2
data/lib/action_view/inline_template.rb +1 -1
data/lib/action_view/locale/en.yml +19 -1
data/lib/action_view/partials.rb +46 -9
data/lib/action_view/paths.rb +28 -84
data/lib/action_view/reloadable_template.rb +117 -0
data/lib/action_view/renderable.rb +28 -35
data/lib/action_view/renderable_partial.rb +3 -4
data/lib/action_view/template.rb +172 -31
data/lib/action_view/template_error.rb +8 -9
data/lib/action_view/template_handler.rb +1 -1
data/lib/action_view/template_handlers.rb +9 -6
data/lib/action_view/template_handlers/erb.rb +2 -39
data/lib/action_view/template_handlers/rjs.rb +1 -0
data/lib/action_view/test_case.rb +27 -1
data/test/abstract_unit.rb +23 -17
data/test/active_record_unit.rb +5 -4
data/test/activerecord/active_record_store_test.rb +139 -106
data/test/activerecord/render_partial_with_record_identification_test.rb +5 -21
data/test/controller/action_pack_assertions_test.rb +25 -23
data/test/controller/addresses_render_test.rb +3 -6
data/test/controller/assert_select_test.rb +83 -70
data/test/controller/base_test.rb +11 -13
data/test/controller/benchmark_test.rb +3 -3
data/test/controller/caching_test.rb +34 -24
data/test/controller/capture_test.rb +3 -6
data/test/controller/content_type_test.rb +3 -6
data/test/controller/cookie_test.rb +31 -66
data/test/controller/deprecation/deprecated_base_methods_test.rb +9 -11
data/test/controller/dispatcher_test.rb +23 -28
data/test/controller/fake_models.rb +8 -0
data/test/controller/filters_test.rb +6 -2
data/test/controller/flash_test.rb +2 -6
data/test/controller/helper_test.rb +15 -1
data/test/controller/html-scanner/document_test.rb +1 -1
data/test/controller/html-scanner/sanitizer_test.rb +1 -1
data/test/controller/http_basic_authentication_test.rb +88 -0
data/test/controller/http_digest_authentication_test.rb +178 -0
data/test/controller/integration_test.rb +56 -52
data/test/controller/layout_test.rb +46 -44
data/test/controller/middleware_stack_test.rb +90 -0
data/test/controller/mime_responds_test.rb +7 -11
data/test/controller/mime_type_test.rb +9 -0
data/test/controller/polymorphic_routes_test.rb +235 -151
data/test/controller/rack_test.rb +52 -81
data/test/controller/redirect_test.rb +6 -14
data/test/controller/render_test.rb +273 -60
data/test/controller/request/json_params_parsing_test.rb +45 -0
data/test/controller/request/multipart_params_parsing_test.rb +223 -0
data/test/controller/request/query_string_parsing_test.rb +120 -0
data/test/controller/request/url_encoded_params_parsing_test.rb +184 -0
data/test/controller/request/xml_params_parsing_test.rb +88 -0
data/test/controller/request_forgery_protection_test.rb +17 -98
data/test/controller/request_test.rb +45 -530
data/test/controller/rescue_test.rb +45 -22
data/test/controller/resources_test.rb +112 -37
data/test/controller/routing_test.rb +1442 -1384
data/test/controller/selector_test.rb +3 -3
data/test/controller/send_file_test.rb +30 -3
data/test/controller/session/cookie_store_test.rb +169 -240
data/test/controller/session/mem_cache_store_test.rb +94 -148
data/test/controller/session/test_session_test.rb +58 -0
data/test/controller/test_test.rb +32 -13
data/test/controller/url_rewriter_test.rb +54 -4
data/test/controller/verification_test.rb +1 -1
data/test/controller/view_paths_test.rb +15 -15
data/test/controller/webservice_test.rb +178 -147
data/test/fixtures/alternate_helpers/foo_helper.rb +3 -0
data/test/fixtures/layout_tests/alt/layouts/alt.rhtml +0 -0
data/test/fixtures/layouts/default_html.html.erb +1 -0
data/test/fixtures/layouts/xhr.html.erb +2 -0
data/test/fixtures/multipart/empty +10 -0
data/test/fixtures/multipart/hello.txt +1 -0
data/test/fixtures/multipart/none +9 -0
data/test/fixtures/public/500.da.html +1 -0
data/test/fixtures/quiz/questions/_question.html.erb +1 -0
data/test/fixtures/replies.yml +1 -1
data/test/fixtures/test/_one.html.erb +1 -0
data/test/fixtures/test/_two.html.erb +1 -0
data/test/fixtures/test/dont_pick_me +1 -0
data/test/fixtures/test/hello.builder +1 -1
data/test/fixtures/test/hello_world.da.html.erb +1 -0
data/test/fixtures/test/hello_world.erb~ +1 -0
data/test/fixtures/test/hello_world.pt-BR.html.erb +1 -0
data/test/fixtures/test/malformed/malformed.en.html.erb~ +1 -0
data/test/fixtures/test/malformed/malformed.erb~ +1 -0
data/test/fixtures/test/malformed/malformed.html.erb~ +1 -0
data/test/fixtures/test/render_explicit_html_template.js.rjs +1 -0
data/test/fixtures/test/render_implicit_html_template.js.rjs +1 -0
data/test/fixtures/test/render_implicit_html_template_from_xhr_request.da.html.erb +1 -0
data/test/fixtures/test/render_implicit_html_template_from_xhr_request.html.erb +1 -0
data/test/fixtures/test/render_implicit_js_template_without_layout.js.erb +1 -0
data/test/fixtures/test/utf8.html.erb +2 -0
data/test/template/active_record_helper_i18n_test.rb +31 -33
data/test/template/active_record_helper_test.rb +34 -0
data/test/template/asset_tag_helper_test.rb +52 -14
data/test/template/atom_feed_helper_test.rb +3 -5
data/test/template/benchmark_helper_test.rb +50 -24
data/test/template/compiled_templates_test.rb +177 -33
data/test/template/date_helper_i18n_test.rb +88 -81
data/test/template/date_helper_test.rb +427 -43
data/test/template/form_helper_test.rb +243 -44
data/test/template/form_options_helper_test.rb +631 -565
data/test/template/form_tag_helper_test.rb +9 -2
data/test/template/javascript_helper_test.rb +0 -5
data/test/template/number_helper_i18n_test.rb +60 -48
data/test/template/number_helper_test.rb +1 -0
data/test/template/render_test.rb +117 -35
data/test/template/test_test.rb +4 -6
data/test/template/text_helper_test.rb +129 -50
data/test/template/translation_helper_test.rb +23 -19
data/test/template/url_helper_test.rb +35 -2
data/test/view/test_case_test.rb +8 -0
metadata +197 -23
data/lib/action_controller/assertions.rb +0 -69
data/lib/action_controller/caching/sql_cache.rb +0 -18
data/lib/action_controller/cgi_ext/session.rb +0 -53
data/lib/action_controller/components.rb +0 -169
data/lib/action_controller/rack_process.rb +0 -297
data/lib/action_controller/request_profiler.rb +0 -169
data/lib/action_controller/session/active_record_store.rb +0 -340
data/lib/action_controller/session/drb_server.rb +0 -32
data/lib/action_controller/session/drb_store.rb +0 -35
data/test/controller/cgi_test.rb +0 -269
data/test/controller/components_test.rb +0 -156
data/test/controller/http_authentication_test.rb +0 -54
data/test/controller/integration_upload_test.rb +0 -43
data/test/controller/session_fixation_test.rb +0 -89
data/test/controller/session_management_test.rb +0 -178
data/test/fixtures/test/hello_world.js +0 -1

data/lib/action_controller/rewindable_input.rb ADDED

@@ -0,0 +1,28 @@
+module ActionController
+  class RewindableInput
+    class RewindableIO < ActiveSupport::BasicObject
+      def initialize(io)
+        @io = io
+        @rewindable = io.is_a?(::StringIO)
+      end
+      def method_missing(method, *args, &block)
+        unless @rewindable
+          @io = ::StringIO.new(@io.read)
+          @rewindable = true
+        end
+        @io.__send__(method, *args, &block)
+      end
+    end
+    def initialize(app)
+      @app = app
+    end
+    def call(env)
+      env['rack.input'] = RewindableIO.new(env['rack.input'])
+      @app.call(env)
+    end
+  end
+end

data/lib/action_controller/routing.rb CHANGED

@@ -1,6 +1,5 @@
 require 'cgi'
 require 'uri'
-require 'action_controller/polymorphic_routes'
 require 'action_controller/routing/optimisations'
 require 'action_controller/routing/routing_ext'
 require 'action_controller/routing/route'
@@ -84,9 +83,11 @@ module ActionController
   # This sets up +blog+ as the default controller if no other is specified.
   # This means visiting '/' would invoke the blog controller.
   #
-  # More formally, you can define defaults in a route with the <tt>:defaults</tt> key.
+  # More formally, you can include arbitrary parameters in the route, thus:
   #
-  #   map.connect ':controller/:action/:id', :action => 'show', :defaults => { :page => 'Dashboard' }
+  #   map.connect ':controller/:action/:id', :action => 'show', :page => 'Dashboard'
+  #
+  # This will pass the :page parameter to all incoming requests that match this route.
   #
   # Note: The default routes, as provided by the Rails generator, make all actions in every
   # controller accessible via GET requests. You should consider removing them or commenting
@@ -192,9 +193,8 @@ module ActionController
   #
   #   map.connect '*path' , :controller => 'blog' , :action => 'unrecognized?'
   #
-  # will glob all remaining parts of the route that were not recognized earlier. This idiom
-  # must appear at the end of the path. The globbed values are in <tt>params[:path]</tt> in
-  # this case.
+  # will glob all remaining parts of the route that were not recognized earlier.
+  # The globbed values are in <tt>params[:path]</tt> as an array of path segments.
   #
   # == Route conditions
   #
@@ -267,7 +267,7 @@ module ActionController
   module Routing
     SEPARATORS = %w( / . ? )
-    HTTP_METHODS = [:get, :head, :post, :put, :delete]
+    HTTP_METHODS = [:get, :head, :post, :put, :delete, :options]
     ALLOWED_REQUIREMENTS_FOR_OPTIMISATION = [:controller, :action].to_set

data/lib/action_controller/routing/builder.rb CHANGED

@@ -34,6 +34,8 @@ module ActionController
       def segment_for(string)
         segment =
           case string
+            when  /\A\.(:format)?\//
+              OptionalFormatSegment.new
             when /\A:(\w+)/
               key = $1.to_sym
               key == :controller ? ControllerSegment.new(key) : DynamicSegment.new(key)
@@ -157,7 +159,8 @@ module ActionController
         path = "/#{path}" unless path[0] == ?/
         path = "#{path}/" unless path[-1] == ?/
-        path = "/#{options[:path_prefix].to_s.gsub(/^\//,'')}#{path}" if options[:path_prefix]
+        prefix = options[:path_prefix].to_s.gsub(/^\//,'')
+        path = "/#{prefix}#{path}" unless prefix.blank?
         segments = segments_for_route_path(path)
         defaults, requirements, conditions = divide_route_options(segments, options)

data/lib/action_controller/routing/optimisations.rb CHANGED

@@ -65,7 +65,7 @@ module ActionController
       # rather than triggering the expensive logic in +url_for+.
       class PositionalArguments < Optimiser
         def guard_conditions
-          number_of_arguments = route.segment_keys.size
+          number_of_arguments = route.required_segment_keys.size
           # if they're using foo_url(:id=>2) it's one
           # argument, but we don't want to generate /foos/id2
           if number_of_arguments == 1

data/lib/action_controller/routing/recognition_optimisation.rb CHANGED

@@ -56,7 +56,7 @@ module ActionController
         result = recognize_optimized(path, environment) and return result
         # Route was not recognized. Try to find out why (maybe wrong verb).
-        allows = HTTP_METHODS.select { |verb| routes.find { |r| r.recognize(path, :method => verb) } }
+        allows = HTTP_METHODS.select { |verb| routes.find { |r| r.recognize(path, environment.merge(:method => verb)) } }
         if environment[:method] && !HTTP_METHODS.include?(environment[:method])
           raise NotImplemented.new(*allows)
@@ -98,7 +98,6 @@ module ActionController
           if Array === item
             i += 1
             start = (i == 1)
-            final = (i == list.size)
             tag, sub = item
             if tag == :dynamic
               body += padding + "#{start ? 'if' : 'elsif'} true\n"

data/lib/action_controller/routing/route.rb CHANGED

@@ -35,6 +35,11 @@ module ActionController
           segment.key if segment.respond_to? :key
         end.compact
       end
+      def required_segment_keys
+        required_segments = segments.select {|seg| (!seg.optional? && !seg.is_a?(DividerSegment)) || seg.is_a?(PathSegment) }
+        required_segments.collect { |seg| seg.key if seg.respond_to?(:key)}.compact
+      end
       # Build a query string from the keys of the given hash. If +only_keys+
       # is given (as an array), only the keys indicated will be used to build
@@ -122,6 +127,16 @@ module ActionController
         super
       end
+      def generate(options, hash, expire_on = {})
+        path, hash = generate_raw(options, hash, expire_on)
+        append_query_string(path, hash, extra_keys(options))
+      end
+      def generate_extras(options, hash, expire_on = {})
+        path, hash = generate_raw(options, hash, expire_on)
+        [path, extra_keys(options)]
+      end
       private
         def requirement_for(key)
           return requirements[key] if requirements.key? key
@@ -150,11 +165,6 @@ module ActionController
           # the query string. (Never use keys from the recalled request when building the
           # query string.)
-          method_decl = "def generate(#{args})\npath, hash = generate_raw(options, hash, expire_on)\nappend_query_string(path, hash, extra_keys(options))\nend"
-          instance_eval method_decl, "generated code (#{__FILE__}:#{__LINE__})"
-          method_decl = "def generate_extras(#{args})\npath, hash = generate_raw(options, hash, expire_on)\n[path, extra_keys(options)]\nend"
-          instance_eval method_decl, "generated code (#{__FILE__}:#{__LINE__})"
           raw_method
         end

data/lib/action_controller/routing/route_set.rb CHANGED

@@ -7,6 +7,8 @@ module ActionController
       # Mapper instances have relatively few instance methods, in order to avoid
       # clashes with named routes.
       class Mapper #:doc:
+        include ActionController::Resources
         def initialize(set) #:nodoc:
           @set = set
         end
@@ -143,10 +145,10 @@ module ActionController
           def define_hash_access(route, name, kind, options)
             selector = hash_access_name(name, kind)
             named_helper_module_eval <<-end_eval # We use module_eval to avoid leaks
-              def #{selector}(options = nil)
-                options ? #{options.inspect}.merge(options) : #{options.inspect}
-              end
-              protected :#{selector}
+              def #{selector}(options = nil)                                      # def hash_for_users_url(options = nil)
+                options ? #{options.inspect}.merge(options) : #{options.inspect}  #   options ? {:only_path=>false}.merge(options) : {:only_path=>false}
+              end                                                                 # end
+              protected :#{selector}                                              # protected :hash_for_users_url
             end_eval
             helpers << selector
           end
@@ -171,32 +173,43 @@ module ActionController
             #   foo_url(bar, baz, bang, :sort_by => 'baz')
             #
             named_helper_module_eval <<-end_eval # We use module_eval to avoid leaks
-              def #{selector}(*args)
-                #{generate_optimisation_block(route, kind)}
-                opts = if args.empty? || Hash === args.first
-                  args.first || {}
-                else
-                  options = args.extract_options!
-                  args = args.zip(#{route.segment_keys.inspect}).inject({}) do |h, (v, k)|
-                    h[k] = v
-                    h
-                  end
-                  options.merge(args)
-                end
-                url_for(#{hash_access_method}(opts))
-              end
-              protected :#{selector}
+              def #{selector}(*args)                                                        # def users_url(*args)
+                                                                                            #
+                #{generate_optimisation_block(route, kind)}                                 #   #{generate_optimisation_block(route, kind)}
+                                                                                            #
+                opts = if args.empty? || Hash === args.first                                #   opts = if args.empty? || Hash === args.first
+                  args.first || {}                                                          #     args.first || {}
+                else                                                                        #   else
+                  options = args.extract_options!                                           #     options = args.extract_options!
+                  args = args.zip(#{route.segment_keys.inspect}).inject({}) do |h, (v, k)|  #     args = args.zip([]).inject({}) do |h, (v, k)|
+                    h[k] = v                                                                #       h[k] = v
+                    h                                                                       #       h
+                  end                                                                       #     end
+                  options.merge(args)                                                       #     options.merge(args)
+                end                                                                         #   end
+                                                                                            #
+                url_for(#{hash_access_method}(opts))                                        #   url_for(hash_for_users_url(opts))
+                                                                                            #
+              end                                                                           # end
+              #Add an alias to support the now deprecated formatted_* URL.                  # #Add an alias to support the now deprecated formatted_* URL.
+              def formatted_#{selector}(*args)                                              # def formatted_users_url(*args)
+                ActiveSupport::Deprecation.warn(                                            #   ActiveSupport::Deprecation.warn(
+                  "formatted_#{selector}() has been deprecated. " +                         #     "formatted_users_url() has been deprecated. " +
+                  "Please pass format to the standard " +                                   #     "Please pass format to the standard " +
+                  "#{selector} method instead.", caller)                                    #     "users_url method instead.", caller)
+                #{selector}(*args)                                                          #   users_url(*args)
+              end                                                                           # end
+              protected :#{selector}                                                        # protected :users_url
             end_eval
             helpers << selector
           end
       end
-      attr_accessor :routes, :named_routes, :configuration_file
+      attr_accessor :routes, :named_routes, :configuration_files
       def initialize
+        self.configuration_files = []
         self.routes = []
         self.named_routes = NamedRouteCollection.new
@@ -210,7 +223,6 @@ module ActionController
       end
       def draw
-        clear!
         yield Mapper.new(self)
         install_helpers
       end
@@ -234,8 +246,22 @@ module ActionController
         routes.empty?
       end
+      def add_configuration_file(path)
+        self.configuration_files << path
+      end
+      # Deprecated accessor
+      def configuration_file=(path)
+        add_configuration_file(path)
+      end
+      # Deprecated accessor
+      def configuration_file
+        configuration_files
+      end
       def load!
-        Routing.use_controllers! nil # Clear the controller cache so we may discover new ones
+        Routing.use_controllers!(nil) # Clear the controller cache so we may discover new ones
         clear!
         load_routes!
       end
@@ -244,24 +270,39 @@ module ActionController
       alias reload! load!
       def reload
-        if @routes_last_modified && configuration_file
-          mtime = File.stat(configuration_file).mtime
-          # if it hasn't been changed, then just return
-          return if mtime == @routes_last_modified
-          # if it has changed then record the new time and fall to the load! below
-          @routes_last_modified = mtime
+        if configuration_files.any? && @routes_last_modified
+          if routes_changed_at == @routes_last_modified
+            return # routes didn't change, don't reload
+          else
+            @routes_last_modified = routes_changed_at
+          end
         end
         load!
       end
       def load_routes!
-        if configuration_file
-          load configuration_file
-          @routes_last_modified = File.stat(configuration_file).mtime
+        if configuration_files.any?
+          configuration_files.each { |config| load(config) }
+          @routes_last_modified = routes_changed_at
         else
           add_route ":controller/:action/:id"
         end
       end
+      def routes_changed_at
+        routes_changed_at = nil
+        configuration_files.each do |config|
+          config_changed_at = File.stat(config).mtime
+          if routes_changed_at.nil? || config_changed_at > routes_changed_at
+            routes_changed_at = config_changed_at
+          end
+        end
+        routes_changed_at
+      end
       def add_route(path, options = {})
         route = builder.build(path, options)
@@ -363,7 +404,7 @@ module ActionController
           end
           # don't use the recalled keys when determining which routes to check
-          routes = routes_by_controller[controller][action][options.keys.sort_by { |x| x.object_id }]
+          routes = routes_by_controller[controller][action][options.reject {|k,v| !v}.keys.sort_by { |x| x.object_id }]
           routes.each do |route|
             results = route.__send__(method, options, merged, expire_on)
@@ -386,6 +427,12 @@ module ActionController
         end
       end
+      def call(env)
+        request = Request.new(env)
+        app = Routing::Routes.recognize(request)
+        app.call(env).to_a
+      end
       def recognize(request)
         params = recognize_path(request.path, extract_request_environment(request))
         request.path_parameters = params.with_indifferent_access

data/lib/action_controller/routing/segments.rb CHANGED

@@ -304,5 +304,40 @@ module ActionController
         end
       end
     end
+    # The OptionalFormatSegment allows for any resource route to have an optional
+    # :format, which decreases the amount of routes created by 50%.
+    class OptionalFormatSegment < DynamicSegment
+      def initialize(key = nil, options = {})
+        super(:format, {:optional => true}.merge(options))
+      end
+      def interpolation_chunk
+        "." + super
+      end
+      def regexp_chunk
+        '/|(\.[^/?\.]+)?'
+      end
+      def to_s
+        '(.:format)?'
+      end
+      def extract_value
+        "#{local_name} = options[:#{key}] && options[:#{key}].to_s.downcase"
+      end
+      #the value should not include the period (.)
+      def match_extraction(next_capture)
+        %[
+          if (m = match[#{next_capture}])
+            params[:#{key}] = URI.unescape(m.from(1))
+          end
+        ]
+      end
+    end
   end
 end

data/lib/action_controller/session/abstract_store.rb ADDED

@@ -0,0 +1,181 @@
+require 'rack/utils'
+module ActionController
+  module Session
+    class AbstractStore
+      ENV_SESSION_KEY = 'rack.session'.freeze
+      ENV_SESSION_OPTIONS_KEY = 'rack.session.options'.freeze
+      HTTP_COOKIE = 'HTTP_COOKIE'.freeze
+      SET_COOKIE = 'Set-Cookie'.freeze
+      class SessionHash < Hash
+        def initialize(by, env)
+          super()
+          @by = by
+          @env = env
+          @loaded = false
+        end
+        def session_id
+          ActiveSupport::Deprecation.warn(
+            "ActionController::Session::AbstractStore::SessionHash#session_id " +
+            "has been deprecated. Please use request.session_options[:id] instead.", caller)
+          @env[ENV_SESSION_OPTIONS_KEY][:id]
+        end
+        def [](key)
+          load! unless @loaded
+          super
+        end
+        def []=(key, value)
+          load! unless @loaded
+          super
+        end
+        def to_hash
+          h = {}.replace(self)
+          h.delete_if { |k,v| v.nil? }
+          h
+        end
+        def data
+         ActiveSupport::Deprecation.warn(
+           "ActionController::Session::AbstractStore::SessionHash#data " +
+           "has been deprecated. Please use #to_hash instead.", caller)
+          to_hash
+        end
+        def inspect
+          load! unless @loaded
+          super
+        end
+        private
+          def loaded?
+            @loaded
+          end
+          def load!
+            stale_session_check! do
+              id, session = @by.send(:load_session, @env)
+              (@env[ENV_SESSION_OPTIONS_KEY] ||= {})[:id] = id
+              replace(session)
+              @loaded = true
+            end
+          end
+          def stale_session_check!
+            yield
+          rescue ArgumentError => argument_error
+            if argument_error.message =~ %r{undefined class/module ([\w:]*\w)}
+              begin
+                # Note that the regexp does not allow $1 to end with a ':'
+                $1.constantize
+              rescue LoadError, NameError => const_error
+                raise ActionController::SessionRestoreError, "Session contains objects whose class definition isn\\'t available.\nRemember to require the classes for all objects kept in the session.\n(Original exception: \#{const_error.message} [\#{const_error.class}])\n"
+              end
+              retry
+            else
+              raise
+            end
+          end
+      end
+      DEFAULT_OPTIONS = {
+        :key =>           '_session_id',
+        :path =>          '/',
+        :domain =>        nil,
+        :expire_after =>  nil,
+        :secure =>        false,
+        :httponly =>      true,
+        :cookie_only =>   true
+      }
+      def initialize(app, options = {})
+        # Process legacy CGI options
+        options = options.symbolize_keys
+        if options.has_key?(:session_path)
+          options[:path] = options.delete(:session_path)
+        end
+        if options.has_key?(:session_key)
+          options[:key] = options.delete(:session_key)
+        end
+        if options.has_key?(:session_http_only)
+          options[:httponly] = options.delete(:session_http_only)
+        end
+        @app = app
+        @default_options = DEFAULT_OPTIONS.merge(options)
+        @key = @default_options[:key]
+        @cookie_only = @default_options[:cookie_only]
+      end
+      def call(env)
+        session = SessionHash.new(self, env)
+        env[ENV_SESSION_KEY] = session
+        env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup
+        response = @app.call(env)
+        session_data = env[ENV_SESSION_KEY]
+        options = env[ENV_SESSION_OPTIONS_KEY]
+        if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) || options[:expire_after]
+          session_data.send(:load!) if session_data.is_a?(AbstractStore::SessionHash) && !session_data.send(:loaded?)
+          sid = options[:id] || generate_sid
+          unless set_session(env, sid, session_data.to_hash)
+            return response
+          end
+          cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid)
+          cookie << "; domain=#{options[:domain]}" if options[:domain]
+          cookie << "; path=#{options[:path]}" if options[:path]
+          if options[:expire_after]
+            expiry = Time.now + options[:expire_after]
+            cookie << "; expires=#{expiry.httpdate}"
+          end
+          cookie << "; Secure" if options[:secure]
+          cookie << "; HttpOnly" if options[:httponly]
+          headers = response[1]
+          unless headers[SET_COOKIE].blank?
+            headers[SET_COOKIE] << "\n#{cookie}"
+          else
+            headers[SET_COOKIE] = cookie
+          end
+        end
+        response
+      end
+      private
+        def generate_sid
+          ActiveSupport::SecureRandom.hex(16)
+        end
+        def load_session(env)
+          request = Rack::Request.new(env)
+          sid = request.cookies[@key]
+          unless @cookie_only
+            sid ||= request.params[@key]
+          end
+          sid, session = get_session(env, sid)
+          [sid, session]
+        end
+        def get_session(env, sid)
+          raise '#get_session needs to be implemented.'
+        end
+        def set_session(env, sid, session_data)
+          raise '#set_session needs to be implemented.'
+        end
+    end
+  end
+end