RubyGems - actionpack - Versions diffs - 2.2.3 → 2.3.2 - Mend

actionpack 2.2.3 → 2.3.2

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (264) hide show

data/CHANGELOG +433 -375
data/MIT-LICENSE +1 -1
data/README +21 -75
data/Rakefile +1 -1
data/lib/action_controller.rb +80 -43
data/lib/action_controller/assertions/model_assertions.rb +1 -0
data/lib/action_controller/assertions/response_assertions.rb +43 -16
data/lib/action_controller/assertions/routing_assertions.rb +1 -1
data/lib/action_controller/assertions/selector_assertions.rb +17 -12
data/lib/action_controller/assertions/tag_assertions.rb +1 -4
data/lib/action_controller/base.rb +153 -82
data/lib/action_controller/benchmarking.rb +9 -9
data/lib/action_controller/caching.rb +9 -11
data/lib/action_controller/caching/actions.rb +11 -18
data/lib/action_controller/caching/fragments.rb +28 -20
data/lib/action_controller/caching/pages.rb +13 -15
data/lib/action_controller/caching/sweeping.rb +2 -2
data/lib/action_controller/cgi_ext.rb +0 -1
data/lib/action_controller/cgi_ext/cookie.rb +2 -0
data/lib/action_controller/cgi_process.rb +54 -162
data/lib/action_controller/cookies.rb +13 -25
data/lib/action_controller/dispatcher.rb +43 -122
data/lib/action_controller/failsafe.rb +52 -0
data/lib/action_controller/flash.rb +38 -47
data/lib/action_controller/helpers.rb +13 -9
data/lib/action_controller/http_authentication.rb +203 -23
data/lib/action_controller/integration.rb +126 -70
data/lib/action_controller/layout.rb +36 -39
data/lib/action_controller/middleware_stack.rb +119 -0
data/lib/action_controller/middlewares.rb +13 -0
data/lib/action_controller/mime_responds.rb +19 -4
data/lib/action_controller/mime_type.rb +8 -0
data/lib/action_controller/params_parser.rb +71 -0
data/lib/action_controller/performance_test.rb +0 -1
data/lib/action_controller/polymorphic_routes.rb +36 -30
data/lib/action_controller/reloader.rb +14 -0
data/lib/action_controller/request.rb +107 -499
data/lib/action_controller/request_forgery_protection.rb +7 -39
data/lib/action_controller/rescue.rb +55 -35
data/lib/action_controller/resources.rb +34 -31
data/lib/action_controller/response.rb +99 -57
data/lib/action_controller/rewindable_input.rb +28 -0
data/lib/action_controller/routing.rb +7 -7
data/lib/action_controller/routing/builder.rb +4 -1
data/lib/action_controller/routing/optimisations.rb +1 -1
data/lib/action_controller/routing/recognition_optimisation.rb +1 -2
data/lib/action_controller/routing/route.rb +15 -5
data/lib/action_controller/routing/route_set.rb +82 -35
data/lib/action_controller/routing/segments.rb +35 -0
data/lib/action_controller/session/abstract_store.rb +181 -0
data/lib/action_controller/session/cookie_store.rb +197 -175
data/lib/action_controller/session/mem_cache_store.rb +36 -83
data/lib/action_controller/session_management.rb +26 -134
data/lib/action_controller/streaming.rb +24 -7
data/lib/action_controller/templates/rescues/diagnostics.erb +2 -2
data/lib/action_controller/templates/rescues/template_error.erb +2 -2
data/lib/action_controller/test_case.rb +87 -30
data/lib/action_controller/test_process.rb +145 -104
data/lib/action_controller/uploaded_file.rb +44 -0
data/lib/action_controller/url_rewriter.rb +3 -6
data/lib/action_controller/vendor/html-scanner.rb +16 -0
data/lib/action_controller/vendor/html-scanner/html/selector.rb +1 -1
data/lib/action_controller/vendor/rack-1.0/rack.rb +89 -0
data/lib/action_controller/vendor/rack-1.0/rack/adapter/camping.rb +22 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/handler.rb +37 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/abstract/request.rb +37 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/basic.rb +58 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/md5.rb +124 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/nonce.rb +51 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/params.rb +55 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/digest/request.rb +40 -0
data/lib/action_controller/vendor/rack-1.0/rack/auth/openid.rb +480 -0
data/lib/action_controller/vendor/rack-1.0/rack/builder.rb +63 -0
data/lib/action_controller/vendor/rack-1.0/rack/cascade.rb +36 -0
data/lib/action_controller/vendor/rack-1.0/rack/chunked.rb +49 -0
data/lib/action_controller/vendor/rack-1.0/rack/commonlogger.rb +61 -0
data/lib/action_controller/vendor/rack-1.0/rack/conditionalget.rb +45 -0
data/lib/action_controller/vendor/rack-1.0/rack/content_length.rb +29 -0
data/lib/action_controller/vendor/rack-1.0/rack/content_type.rb +23 -0
data/lib/action_controller/vendor/rack-1.0/rack/deflater.rb +85 -0
data/lib/action_controller/vendor/rack-1.0/rack/directory.rb +153 -0
data/lib/action_controller/vendor/rack-1.0/rack/file.rb +88 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler.rb +48 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/cgi.rb +61 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/evented_mongrel.rb +8 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/fastcgi.rb +89 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/lsws.rb +55 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/mongrel.rb +84 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/scgi.rb +59 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/swiftiplied_mongrel.rb +8 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/thin.rb +18 -0
data/lib/action_controller/vendor/rack-1.0/rack/handler/webrick.rb +67 -0
data/lib/action_controller/vendor/rack-1.0/rack/head.rb +19 -0
data/lib/action_controller/vendor/rack-1.0/rack/lint.rb +462 -0
data/lib/action_controller/vendor/rack-1.0/rack/lobster.rb +65 -0
data/lib/action_controller/vendor/rack-1.0/rack/lock.rb +16 -0
data/lib/action_controller/vendor/rack-1.0/rack/methodoverride.rb +27 -0
data/lib/action_controller/vendor/rack-1.0/rack/mime.rb +204 -0
data/lib/action_controller/vendor/rack-1.0/rack/mock.rb +160 -0
data/lib/action_controller/vendor/rack-1.0/rack/recursive.rb +57 -0
data/lib/action_controller/vendor/rack-1.0/rack/reloader.rb +64 -0
data/lib/action_controller/vendor/rack-1.0/rack/request.rb +241 -0
data/lib/action_controller/vendor/rack-1.0/rack/response.rb +179 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/abstract/id.rb +142 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/cookie.rb +91 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/memcache.rb +109 -0
data/lib/action_controller/vendor/rack-1.0/rack/session/pool.rb +100 -0
data/lib/action_controller/vendor/rack-1.0/rack/showexceptions.rb +349 -0
data/lib/action_controller/vendor/rack-1.0/rack/showstatus.rb +106 -0
data/lib/action_controller/vendor/rack-1.0/rack/static.rb +38 -0
data/lib/action_controller/vendor/rack-1.0/rack/urlmap.rb +55 -0
data/lib/action_controller/vendor/rack-1.0/rack/utils.rb +392 -0
data/lib/action_controller/verification.rb +1 -1
data/lib/action_pack.rb +1 -1
data/lib/action_pack/version.rb +2 -2
data/lib/action_view.rb +22 -17
data/lib/action_view/base.rb +53 -79
data/lib/action_view/erb/util.rb +38 -0
data/lib/action_view/helpers.rb +24 -5
data/lib/action_view/helpers/active_record_helper.rb +2 -2
data/lib/action_view/helpers/asset_tag_helper.rb +81 -50
data/lib/action_view/helpers/atom_feed_helper.rb +1 -1
data/lib/action_view/helpers/benchmark_helper.rb +26 -5
data/lib/action_view/helpers/date_helper.rb +82 -7
data/lib/action_view/helpers/form_helper.rb +295 -64
data/lib/action_view/helpers/form_options_helper.rb +160 -18
data/lib/action_view/helpers/form_tag_helper.rb +2 -2
data/lib/action_view/helpers/number_helper.rb +31 -18
data/lib/action_view/helpers/prototype_helper.rb +2 -12
data/lib/action_view/helpers/sanitize_helper.rb +0 -10
data/lib/action_view/helpers/scriptaculous_helper.rb +1 -0
data/lib/action_view/helpers/tag_helper.rb +3 -4
data/lib/action_view/helpers/text_helper.rb +99 -122
data/lib/action_view/helpers/translation_helper.rb +19 -1
data/lib/action_view/helpers/url_helper.rb +25 -2
data/lib/action_view/inline_template.rb +1 -1
data/lib/action_view/locale/en.yml +19 -1
data/lib/action_view/partials.rb +46 -9
data/lib/action_view/paths.rb +28 -84
data/lib/action_view/reloadable_template.rb +117 -0
data/lib/action_view/renderable.rb +28 -35
data/lib/action_view/renderable_partial.rb +3 -4
data/lib/action_view/template.rb +172 -31
data/lib/action_view/template_error.rb +8 -9
data/lib/action_view/template_handler.rb +1 -1
data/lib/action_view/template_handlers.rb +9 -6
data/lib/action_view/template_handlers/erb.rb +2 -39
data/lib/action_view/template_handlers/rjs.rb +1 -0
data/lib/action_view/test_case.rb +27 -1
data/test/abstract_unit.rb +23 -17
data/test/active_record_unit.rb +5 -4
data/test/activerecord/active_record_store_test.rb +139 -106
data/test/activerecord/render_partial_with_record_identification_test.rb +5 -21
data/test/controller/action_pack_assertions_test.rb +25 -23
data/test/controller/addresses_render_test.rb +3 -6
data/test/controller/assert_select_test.rb +83 -70
data/test/controller/base_test.rb +11 -13
data/test/controller/benchmark_test.rb +3 -3
data/test/controller/caching_test.rb +34 -24
data/test/controller/capture_test.rb +3 -6
data/test/controller/content_type_test.rb +3 -6
data/test/controller/cookie_test.rb +31 -66
data/test/controller/deprecation/deprecated_base_methods_test.rb +9 -11
data/test/controller/dispatcher_test.rb +23 -28
data/test/controller/fake_models.rb +8 -0
data/test/controller/filters_test.rb +6 -2
data/test/controller/flash_test.rb +2 -6
data/test/controller/helper_test.rb +15 -1
data/test/controller/html-scanner/document_test.rb +1 -1
data/test/controller/html-scanner/sanitizer_test.rb +1 -1
data/test/controller/http_basic_authentication_test.rb +88 -0
data/test/controller/http_digest_authentication_test.rb +178 -0
data/test/controller/integration_test.rb +56 -52
data/test/controller/layout_test.rb +46 -44
data/test/controller/middleware_stack_test.rb +90 -0
data/test/controller/mime_responds_test.rb +7 -11
data/test/controller/mime_type_test.rb +9 -0
data/test/controller/polymorphic_routes_test.rb +235 -151
data/test/controller/rack_test.rb +52 -81
data/test/controller/redirect_test.rb +6 -14
data/test/controller/render_test.rb +273 -60
data/test/controller/request/json_params_parsing_test.rb +45 -0
data/test/controller/request/multipart_params_parsing_test.rb +223 -0
data/test/controller/request/query_string_parsing_test.rb +120 -0
data/test/controller/request/url_encoded_params_parsing_test.rb +184 -0
data/test/controller/request/xml_params_parsing_test.rb +88 -0
data/test/controller/request_forgery_protection_test.rb +17 -98
data/test/controller/request_test.rb +45 -530
data/test/controller/rescue_test.rb +45 -22
data/test/controller/resources_test.rb +112 -37
data/test/controller/routing_test.rb +1442 -1384
data/test/controller/selector_test.rb +3 -3
data/test/controller/send_file_test.rb +30 -3
data/test/controller/session/cookie_store_test.rb +169 -240
data/test/controller/session/mem_cache_store_test.rb +94 -148
data/test/controller/session/test_session_test.rb +58 -0
data/test/controller/test_test.rb +32 -13
data/test/controller/url_rewriter_test.rb +54 -4
data/test/controller/verification_test.rb +1 -1
data/test/controller/view_paths_test.rb +15 -15
data/test/controller/webservice_test.rb +178 -147
data/test/fixtures/alternate_helpers/foo_helper.rb +3 -0
data/test/fixtures/layout_tests/alt/layouts/alt.rhtml +0 -0
data/test/fixtures/layouts/default_html.html.erb +1 -0
data/test/fixtures/layouts/xhr.html.erb +2 -0
data/test/fixtures/multipart/empty +10 -0
data/test/fixtures/multipart/hello.txt +1 -0
data/test/fixtures/multipart/none +9 -0
data/test/fixtures/public/500.da.html +1 -0
data/test/fixtures/quiz/questions/_question.html.erb +1 -0
data/test/fixtures/replies.yml +1 -1
data/test/fixtures/test/_one.html.erb +1 -0
data/test/fixtures/test/_two.html.erb +1 -0
data/test/fixtures/test/dont_pick_me +1 -0
data/test/fixtures/test/hello.builder +1 -1
data/test/fixtures/test/hello_world.da.html.erb +1 -0
data/test/fixtures/test/hello_world.erb~ +1 -0
data/test/fixtures/test/hello_world.pt-BR.html.erb +1 -0
data/test/fixtures/test/malformed/malformed.en.html.erb~ +1 -0
data/test/fixtures/test/malformed/malformed.erb~ +1 -0
data/test/fixtures/test/malformed/malformed.html.erb~ +1 -0
data/test/fixtures/test/render_explicit_html_template.js.rjs +1 -0
data/test/fixtures/test/render_implicit_html_template.js.rjs +1 -0
data/test/fixtures/test/render_implicit_html_template_from_xhr_request.da.html.erb +1 -0
data/test/fixtures/test/render_implicit_html_template_from_xhr_request.html.erb +1 -0
data/test/fixtures/test/render_implicit_js_template_without_layout.js.erb +1 -0
data/test/fixtures/test/utf8.html.erb +2 -0
data/test/template/active_record_helper_i18n_test.rb +31 -33
data/test/template/active_record_helper_test.rb +34 -0
data/test/template/asset_tag_helper_test.rb +52 -14
data/test/template/atom_feed_helper_test.rb +3 -5
data/test/template/benchmark_helper_test.rb +50 -24
data/test/template/compiled_templates_test.rb +177 -33
data/test/template/date_helper_i18n_test.rb +88 -81
data/test/template/date_helper_test.rb +427 -43
data/test/template/form_helper_test.rb +243 -44
data/test/template/form_options_helper_test.rb +631 -565
data/test/template/form_tag_helper_test.rb +9 -2
data/test/template/javascript_helper_test.rb +0 -5
data/test/template/number_helper_i18n_test.rb +60 -48
data/test/template/number_helper_test.rb +1 -0
data/test/template/render_test.rb +117 -35
data/test/template/test_test.rb +4 -6
data/test/template/text_helper_test.rb +129 -50
data/test/template/translation_helper_test.rb +23 -19
data/test/template/url_helper_test.rb +35 -2
data/test/view/test_case_test.rb +8 -0
metadata +197 -23
data/lib/action_controller/assertions.rb +0 -69
data/lib/action_controller/caching/sql_cache.rb +0 -18
data/lib/action_controller/cgi_ext/session.rb +0 -53
data/lib/action_controller/components.rb +0 -169
data/lib/action_controller/rack_process.rb +0 -297
data/lib/action_controller/request_profiler.rb +0 -169
data/lib/action_controller/session/active_record_store.rb +0 -340
data/lib/action_controller/session/drb_server.rb +0 -32
data/lib/action_controller/session/drb_store.rb +0 -35
data/test/controller/cgi_test.rb +0 -269
data/test/controller/components_test.rb +0 -156
data/test/controller/http_authentication_test.rb +0 -54
data/test/controller/integration_upload_test.rb +0 -43
data/test/controller/session_fixation_test.rb +0 -89
data/test/controller/session_management_test.rb +0 -178
data/test/fixtures/test/hello_world.js +0 -1

data/lib/action_controller/assertions/routing_assertions.rb CHANGED

@@ -134,7 +134,7 @@ module ActionController
           path = "/#{path}" unless path.first == '/'
           # Assume given controller
-          request = ActionController::TestRequest.new({}, {}, nil)
+          request = ActionController::TestRequest.new
           request.env["REQUEST_METHOD"] = request_method.to_s.upcase if request_method
           request.path   = path

data/lib/action_controller/assertions/selector_assertions.rb CHANGED

@@ -3,9 +3,6 @@
 # Under MIT and/or CC By license.
 #++
-require 'rexml/document'
-require 'html/document'
 module ActionController
   module Assertions
     unless const_defined?(:NO_STRIP)
@@ -112,20 +109,27 @@ module ActionController
       # starting from (and including) that element and all its children in
       # depth-first order.
       #
-      # If no element if specified, calling +assert_select+ will select from the
-      # response HTML. Calling #assert_select inside an +assert_select+ block will
-      # run the assertion for each element selected by the enclosing assertion.
+      # If no element if specified, calling +assert_select+ selects from the
+      # response HTML unless +assert_select+ is called from within an +assert_select+ block.
+      #
+      # When called with a block +assert_select+ passes an array of selected elements
+      # to the block. Calling +assert_select+ from the block, with no element specified,
+      # runs the assertion on the complete set of elements selected by the enclosing assertion.
+      # Alternatively the array may be iterated through so that +assert_select+ can be called
+      # separately for each element.
+      #
       #
       # ==== Example
-      #   assert_select "ol>li" do |elements|
+      # If the response contains two ordered lists, each with four list elements then:
+      #   assert_select "ol" do |elements|
       #     elements.each do |element|
-      #       assert_select element, "li"
+      #       assert_select element, "li", 4
       #     end
       #   end
       #
-      # Or for short:
-      #   assert_select "ol>li" do
-      #     assert_select "li"
+      # will pass, as will:
+      #   assert_select "ol" do
+      #     assert_select "li", 8
       #   end
       #
       # The selector may be a CSS selector expression (String), an expression
@@ -405,6 +409,7 @@ module ActionController
         if rjs_type
           if rjs_type == :insert
             position  = args.shift
+            id = args.shift
             insertion = "insert_#{position}".to_sym
             raise ArgumentError, "Unknown RJS insertion type #{position}" unless RJS_STATEMENTS[insertion]
             statement = "(#{RJS_STATEMENTS[insertion]})"
@@ -590,7 +595,7 @@ module ActionController
         def response_from_page_or_rjs()
           content_type = @response.content_type
-          if content_type && content_type =~ /text\/javascript/
+          if content_type && Mime::JS =~ content_type
             body = @response.body.dup
             root = HTML::Node.new(nil)

data/lib/action_controller/assertions/tag_assertions.rb CHANGED

@@ -1,6 +1,3 @@
-require 'rexml/document'
-require 'html/document'
 module ActionController
   module Assertions
     # Pair of assertions to testing elements in the HTML output of the response.
@@ -127,4 +124,4 @@ module ActionController
       end
     end
   end
-end
+end

data/lib/action_controller/base.rb CHANGED

@@ -1,12 +1,3 @@
-require 'action_controller/mime_type'
-require 'action_controller/request'
-require 'action_controller/response'
-require 'action_controller/routing'
-require 'action_controller/resources'
-require 'action_controller/url_rewriter'
-require 'action_controller/status_codes'
-require 'action_view'
-require 'drb'
 require 'set'
 module ActionController #:nodoc:
@@ -31,7 +22,7 @@ module ActionController #:nodoc:
     attr_reader :allowed_methods
     def initialize(*allowed_methods)
-      super("Only #{allowed_methods.to_sentence} requests are allowed.")
+      super("Only #{allowed_methods.to_sentence(:locale => :en)} requests are allowed.")
       @allowed_methods = allowed_methods
     end
@@ -173,8 +164,8 @@ module ActionController #:nodoc:
   #
   # Other options for session storage are:
   #
-  # * ActiveRecordStore - Sessions are stored in your database, which works better than PStore with multiple app servers and,
-  #   unlike CookieStore, hides your session contents from the user. To use ActiveRecordStore, set
+  # * ActiveRecord::SessionStore - Sessions are stored in your database, which works better than PStore with multiple app servers and,
+  #   unlike CookieStore, hides your session contents from the user. To use ActiveRecord::SessionStore, set
   #
   #     config.action_controller.session_store = :active_record_store
   #
@@ -263,7 +254,7 @@ module ActionController #:nodoc:
     cattr_reader :protected_instance_variables
     # Controller specific instance variables which will not be accessible inside views.
     @@protected_instance_variables = %w(@assigns @performed_redirect @performed_render @variables_added @request_origin @url @parent_controller
-                                        @action_name @before_filter_chain_aborted @action_cache_path @_session @_cookies @_headers @_params
+                                        @action_name @before_filter_chain_aborted @action_cache_path @_session @_headers @_params
                                         @_flash @_response)
     # Prepends all the URL-generating helpers from AssetHelper. This makes it possible to easily move javascripts, stylesheets,
@@ -310,10 +301,7 @@ module ActionController #:nodoc:
     # A YAML parser is also available and can be turned on with:
     #
     #   ActionController::Base.param_parsers[Mime::YAML] = :yaml
-    @@param_parsers = { Mime::MULTIPART_FORM   => :multipart_form,
-                        Mime::URL_ENCODED_FORM => :url_encoded_form,
-                        Mime::XML              => :xml_simple,
-                        Mime::JSON             => :json }
+    @@param_parsers = {}
     cattr_accessor :param_parsers
     # Controls the default charset for all renders.
@@ -336,6 +324,10 @@ module ActionController #:nodoc:
     # sets it to <tt>:authenticity_token</tt> by default.
     cattr_accessor :request_forgery_protection_token
+    # Controls the IP Spoofing check when determining the remote IP.
+    @@ip_spoofing_check = true
+    cattr_accessor :ip_spoofing_check
     # Indicates whether or not optimise the generated named
     # route helper methods
     cattr_accessor :optimise_named_routes
@@ -387,6 +379,13 @@ module ActionController #:nodoc:
     attr_accessor :action_name
     class << self
+      def call(env)
+        # HACK: For global rescue to have access to the original request and response
+        request = env["action_controller.rescue.request"] ||= Request.new(env)
+        response = env["action_controller.rescue.response"] ||= Response.new
+        process(request, response)
+      end
       # Factory for the standard create, process loop where the controller is discarded after processing.
       def process(request, response) #:nodoc:
         new.process(request, response)
@@ -507,7 +506,7 @@ module ActionController #:nodoc:
         protected :filter_parameters
       end
-      delegate :exempt_from_layout, :to => 'ActionView::Base'
+      delegate :exempt_from_layout, :to => 'ActionView::Template'
     end
     public
@@ -529,7 +528,7 @@ module ActionController #:nodoc:
       end
       def send_response
-        response.prepare! unless component_request?
+        response.prepare!
         response
       end
@@ -645,7 +644,7 @@ module ActionController #:nodoc:
       end
       def session_enabled?
-        request.session_options && request.session_options[:disabled] != false
+        ActiveSupport::Deprecation.warn("Sessions are now lazy loaded. So if you don't access them, consider them disabled.", caller)
       end
       self.view_paths = []
@@ -785,9 +784,37 @@ module ActionController #:nodoc:
       #   # placed in "app/views/layouts/special.r(html|xml)"
       #   render :text => "Hi there!", :layout => "special"
       #
-      # The <tt>:text</tt> option can also accept a Proc object, which can be used to manually control the page generation. This should
-      # generally be avoided, as it violates the separation between code and content, and because almost everything that can be
-      # done with this method can also be done more cleanly using one of the other rendering methods, most notably templates.
+      # === Streaming data and/or controlling the page generation
+      #
+      # The <tt>:text</tt> option can also accept a Proc object, which can be used to:
+      #
+      # 1. stream on-the-fly generated data to the browser. Note that you should
+      #    use the methods provided by ActionController::Steaming instead if you
+      #    want to stream a buffer or a file.
+      # 2. manually control the page generation. This should generally be avoided,
+      #    as it violates the separation between code and content, and because almost
+      #    everything that can be done with this method can also be done more cleanly
+      #    using one of the other rendering methods, most notably templates.
+      #
+      # Two arguments are passed to the proc, a <tt>response</tt> object and an
+      # <tt>output</tt> object. The response object is equivalent to the return
+      # value of the ActionController::Base#response method, and can be used to
+      # control various things in the HTTP response, such as setting the
+      # Content-Type header. The output object is an writable <tt>IO</tt>-like
+      # object, so one can call <tt>write</tt> and <tt>flush</tt> on it.
+      #
+      # The following example demonstrates how one can stream a large amount of
+      # on-the-fly generated data to the browser:
+      #
+      #   # Streams about 180 MB of generated data to the browser.
+      #   render :text => proc { |response, output|
+      #     10_000_000.times do |i|
+      #       output.write("This is line #{i}\n")
+      #       output.flush
+      #     end
+      #   }
+      #
+      # Another example:
       #
       #   # Renders "Hello from code!"
       #   render :text => proc { |response, output| output.write("Hello from code!") }
@@ -864,20 +891,31 @@ module ActionController #:nodoc:
       def render(options = nil, extra_options = {}, &block) #:doc:
         raise DoubleRenderError, "Can only render or redirect once per action" if performed?
+        validate_render_arguments(options, extra_options, block_given?)
         if options.nil?
-          return render(:file => default_template_name, :layout => true)
-        elsif !extra_options.is_a?(Hash)
-          raise RenderError, "You called render with invalid options : #{options.inspect}, #{extra_options.inspect}"
-        else
-          if options == :update
-            options = extra_options.merge({ :update => true })
-          elsif !options.is_a?(Hash)
-            raise RenderError, "You called render with invalid options : #{options.inspect}"
+          options = { :template => default_template, :layout => true }
+        elsif options == :update
+          options = extra_options.merge({ :update => true })
+        elsif options.is_a?(String) || options.is_a?(Symbol)
+          case options.to_s.index('/')
+          when 0
+            extra_options[:file] = options
+          when nil
+            extra_options[:action] = options
+          else
+            extra_options[:template] = options
           end
+          options = extra_options
+        elsif !options.is_a?(Hash)
+          extra_options[:partial] = options
+          options = extra_options
         end
-        response.layout = layout = pick_layout(options)
-        logger.info("Rendering template within #{layout}") if logger && layout
+        layout = pick_layout(options)
+        response.layout = layout.path_without_format_and_extension if layout
+        logger.info("Rendering template within #{layout.path_without_format_and_extension}") if logger && layout
         if content_type = options[:content_type]
           response.content_type = content_type.to_s
@@ -902,7 +940,7 @@ module ActionController #:nodoc:
             render_for_text(@template.render(options.merge(:layout => layout)), options[:status])
           elsif action_name = options[:action]
-            render_for_file(default_template_name(action_name.to_s), options[:status], layout)
+            render_for_file(default_template(action_name.to_s), options[:status], layout)
           elsif xml = options[:xml]
             response.content_type ||= Mime::XML
@@ -937,7 +975,7 @@ module ActionController #:nodoc:
             render_for_text(nil, options[:status])
           else
-            render_for_file(default_template_name, options[:status], layout)
+            render_for_file(default_template, options[:status], layout)
           end
         end
       end
@@ -994,7 +1032,7 @@ module ActionController #:nodoc:
         @performed_redirect = false
         response.redirected_to = nil
         response.redirected_to_method_params = nil
-        response.headers['Status'] = DEFAULT_RENDER_STATUS_CODE
+        response.status = DEFAULT_RENDER_STATUS_CODE
         response.headers.delete('Location')
       end
@@ -1065,7 +1103,6 @@ module ActionController #:nodoc:
         end
         response.redirected_to = options
-        logger.info("Redirected to #{options}") if logger && logger.info?
         case options
           # The scheme name consist of a letter followed by any combination of
@@ -1088,6 +1125,7 @@ module ActionController #:nodoc:
       def redirect_to_full_url(url, status)
         raise DoubleRenderError if performed?
+        logger.info("Redirected to #{url}") if logger && logger.info?
         response.redirect(url, interpret_status(status))
         @performed_redirect = true
       end
@@ -1097,6 +1135,11 @@ module ActionController #:nodoc:
       # request is considered stale and should be generated from scratch. Otherwise,
       # it's fresh and we don't need to generate anything and a reply of "304 Not Modified" is sent.
       #
+      # Parameters:
+      # * <tt>:etag</tt>
+      # * <tt>:last_modified</tt>
+      # * <tt>:public</tt> By default the Cache-Control header is private, set this to true if you want your application to be cachable by other devices (proxy caches).
+      #
       # Example:
       #
       #   def show
@@ -1115,22 +1158,36 @@ module ActionController #:nodoc:
       end
       # Sets the etag, last_modified, or both on the response and renders a
-      # "304 Not Modified" response if the request is already fresh.
+      # "304 Not Modified" response if the request is already fresh.
+      #
+      # Parameters:
+      # * <tt>:etag</tt>
+      # * <tt>:last_modified</tt>
+      # * <tt>:public</tt> By default the Cache-Control header is private, set this to true if you want your application to be cachable by other devices (proxy caches).
       #
       # Example:
       #
       #   def show
       #     @article = Article.find(params[:id])
-      #     fresh_when(:etag => @article, :last_modified => @article.created_at.utc)
+      #     fresh_when(:etag => @article, :last_modified => @article.created_at.utc, :public => true)
       #   end
-      #
-      # This will render the show template if the request isn't sending a matching etag or
+      #
+      # This will render the show template if the request isn't sending a matching etag or
       # If-Modified-Since header and just a "304 Not Modified" response if there's a match.
+      #
       def fresh_when(options)
-        options.assert_valid_keys(:etag, :last_modified)
+        options.assert_valid_keys(:etag, :last_modified, :public)
         response.etag          = options[:etag]          if options[:etag]
         response.last_modified = options[:last_modified] if options[:last_modified]
+        if options[:public]
+          cache_control = response.headers["Cache-Control"].split(",").map {|k| k.strip }
+          cache_control.delete("private")
+          cache_control.delete("no-cache")
+          cache_control << "public"
+          response.headers["Cache-Control"] = cache_control.join(', ')
+        end
         if request.fresh?(response)
           head :not_modified
@@ -1142,15 +1199,26 @@ module ActionController #:nodoc:
       #
       # Examples:
       #   expires_in 20.minutes
-      #   expires_in 3.hours, :private => false
-      #   expires in 3.hours, 'max-stale' => 5.hours, :private => nil, :public => true
+      #   expires_in 3.hours, :public => true
+      #   expires in 3.hours, 'max-stale' => 5.hours, :public => true
       #
       # This method will overwrite an existing Cache-Control header.
       # See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for more possibilities.
       def expires_in(seconds, options = {}) #:doc:
-        cache_options = { 'max-age' => seconds, 'private' => true }.symbolize_keys.merge!(options.symbolize_keys)
-        cache_options.delete_if { |k,v| v.nil? or v == false }
-        cache_control = cache_options.map{ |k,v| v == true ? k.to_s : "#{k.to_s}=#{v.to_s}"}
+        cache_control = response.headers["Cache-Control"].split(",").map {|k| k.strip }
+        cache_control << "max-age=#{seconds}"
+        cache_control.delete("no-cache")
+        if options[:public]
+          cache_control.delete("private")
+          cache_control << "public"
+        else
+          cache_control << "private"
+        end
+        # This allows for additional headers to be passed through like 'max-stale' => 5.hours
+        cache_control += options.symbolize_keys.reject{|k,v| k == :public || k == :private }.map{ |k,v| v == true ? k.to_s : "#{k.to_s}=#{v.to_s}"}
         response.headers["Cache-Control"] = cache_control.join(', ')
       end
@@ -1164,23 +1232,19 @@ module ActionController #:nodoc:
       def reset_session #:doc:
         request.reset_session
         @_session = request.session
-        #http://rails.lighthouseapp.com/projects/8994/tickets/1558-memory-problem-on-reset_session-in-around_filter#ticket-1558-1
-        #MRI appears to have a GC related memory leak to do with the finalizer that is defined on CGI::Session
-        ObjectSpace.undefine_finalizer(@_session)
-        response.session = @_session
       end
     private
       def render_for_file(template_path, status = nil, layout = nil, locals = {}) #:nodoc:
-        logger.info("Rendering #{template_path}" + (status ? " (#{status})" : '')) if logger
+        path = template_path.respond_to?(:path_without_format_and_extension) ? template_path.path_without_format_and_extension : template_path
+        logger.info("Rendering #{path}" + (status ? " (#{status})" : '')) if logger
         render_for_text @template.render(:file => template_path, :locals => locals, :layout => layout), status
       end
       def render_for_text(text = nil, status = nil, append_response = false) #:nodoc:
         @performed_render = true
-        response.headers['Status'] = interpret_status(status || DEFAULT_RENDER_STATUS_CODE)
+        response.status = interpret_status(status || DEFAULT_RENDER_STATUS_CODE)
         if append_response
           response.body ||= ''
@@ -1194,6 +1258,16 @@ module ActionController #:nodoc:
         end
       end
+      def validate_render_arguments(options, extra_options, has_block)
+        if options && (has_block && options != :update) && !options.is_a?(String) && !options.is_a?(Hash) && !options.is_a?(Symbol)
+          raise RenderError, "You called render with invalid options : #{options.inspect}"
+        end
+        if !extra_options.is_a?(Hash)
+          raise RenderError, "You called render with invalid options : #{options.inspect}, #{extra_options.inspect}"
+        end
+      end
       def initialize_template_class(response)
         response.template = ActionView::Base.new(self.class.view_paths, {}, self)
         response.template.helpers.send :include, self.class.master_helper_module
@@ -1202,7 +1276,7 @@ module ActionController #:nodoc:
       end
       def assign_shortcuts(request, response)
-        @_request, @_params, @_cookies = request, request.parameters, request.cookies
+        @_request, @_params = request, request.parameters
         @_response         = response
         @_response.session = request.session
@@ -1220,11 +1294,10 @@ module ActionController #:nodoc:
       def log_processing
         if logger && logger.info?
           log_processing_for_request_id
-          log_processing_for_session_id
           log_processing_for_parameters
         end
       end
       def log_processing_for_request_id
         request_id = "\n\nProcessing #{self.class.name}\##{action_name} "
         request_id << "to #{params[:format]} " if params[:format]
@@ -1233,17 +1306,10 @@ module ActionController #:nodoc:
         logger.info(request_id)
       end
-      def log_processing_for_session_id
-        if @_session && @_session.respond_to?(:session_id) && @_session.respond_to?(:dbman) &&
-            !@_session.dbman.is_a?(CGI::Session::CookieStore)
-          logger.info "  Session ID: #{@_session.session_id}"
-        end
-      end
       def log_processing_for_parameters
         parameters = respond_to?(:filter_parameters) ? filter_parameters(params) : params.dup
         parameters = parameters.except!(:controller, :action, :format, :_method)
         logger.info "  Parameters: #{parameters.inspect}" unless parameters.empty?
       end
@@ -1258,10 +1324,17 @@ module ActionController #:nodoc:
         elsif respond_to? :method_missing
           method_missing action_name
           default_render unless performed?
-        elsif template_exists?
-          default_render
         else
-          raise UnknownAction, "No action responded to #{action_name}. Actions: #{action_methods.sort.to_sentence}", caller
+          begin
+            default_render
+          rescue ActionView::MissingTemplate => e
+            # Was the implicit template missing, or was it another template?
+            if e.path == default_template_name
+              raise UnknownAction, "No action responded to #{action_name}. Actions: #{action_methods.sort.to_sentence(:locale => :en)}", caller
+            else
+              raise e
+            end
+          end
         end
       end
@@ -1273,11 +1346,6 @@ module ActionController #:nodoc:
         @action_name = (params['action'] || 'index')
       end
-      def assign_default_content_type_and_charset
-        response.assign_default_content_type_and_charset!
-      end
-      deprecate :assign_default_content_type_and_charset => :'response.assign_default_content_type_and_charset!'
       def action_methods
         self.class.action_methods
       end
@@ -1308,14 +1376,8 @@ module ActionController #:nodoc:
         "#{request.protocol}#{request.host}#{request.request_uri}"
       end
-      def close_session
-        @_session.close if @_session && @_session.respond_to?(:close)
-      end
-      def template_exists?(template_name = default_template_name)
-        @template.send(:_pick_template, template_name) ? true : false
-      rescue ActionView::MissingTemplate
-        false
+      def default_template(action_name = self.action_name)
+        self.view_paths.find_template(default_template_name(action_name), default_template_format)
       end
       def default_template_name(action_name = self.action_name)
@@ -1337,7 +1399,16 @@ module ActionController #:nodoc:
       end
       def process_cleanup
-        close_session
       end
   end
+  Base.class_eval do
+    [ Filters, Layout, Benchmarking, Rescue, Flash, MimeResponds, Helpers,
+      Cookies, Caching, Verification, Streaming, SessionManagement,
+      HttpAuthentication::Basic::ControllerMethods, HttpAuthentication::Digest::ControllerMethods,
+      RecordIdentifier, RequestForgeryProtection, Translation
+    ].each do |mod|
+      include mod
+    end
+  end
 end