actionpack 3.2.19 → 4.0.0

data/lib/action_controller/caching/fragments.rb

@@ -1,59 +1,29 @@
-module ActionController #:nodoc:
+module ActionController
   module Caching
-    # Fragment caching is used for caching various blocks within 
+    # Fragment caching is used for caching various blocks within
     # views without caching the entire action as a whole. This is
-    # useful when certain elements of an action change frequently or 
-    # depend on complicated state while other parts rarely change or 
+    # useful when certain elements of an action change frequently or
+    # depend on complicated state while other parts rarely change or
     # can be shared amongst multiple parties. The caching is done using
-    # the <tt>cache</tt> helper available in the Action View. A 
-    # template with fragment caching might look like:
+    # the +cache+ helper available in the Action View. See
+    # ActionView::Helpers::CacheHelper for more information.
     #
-    #   <b>Hello <%= @name %></b>
+    # While it's strongly recommended that you use key-based cache
+    # expiration (see links in CacheHelper for more information),
+    # it is also possible to manually expire caches. For example:
     #
-    #   <% cache do %>
-    #     All the topics in the system:
-    #     <%= render :partial => "topic", :collection => Topic.all %>
-    #   <% end %>
-    #
-    # This cache will bind the name of the action that called it, so if
-    # this code was part of the view for the topics/list action, you 
-    # would be able to invalidate it using:
-    #
-    #   expire_fragment(:controller => "topics", :action => "list")
-    #
-    # This default behavior is limited if you need to cache multiple 
-    # fragments per action or if the action itself is cached using 
-    # <tt>caches_action</tt>. To remedy this, there is an option to 
-    # qualify the name of the cached fragment by using the 
-    # <tt>:action_suffix</tt> option:
-    #
-    #   <% cache(:action => "list", :action_suffix => "all_topics") do %>
-    #
-    # That would result in a name such as 
-    # <tt>/topics/list/all_topics</tt>, avoiding conflicts with the 
-    # action cache and with any fragments that use a different suffix.
-    # Note that the URL doesn't have to really exist or be callable
-    # - the url_for system is just used to generate unique cache names
-    # that we can refer to when we need to expire the cache.
-    #
-    # The expiration call for this example is:
-    #
-    #   expire_fragment(:controller => "topics", 
-    #                   :action => "list", 
-    #                   :action_suffix => "all_topics")
+    #   expire_fragment('name_of_cache')
     module Fragments
-      # Given a key (as described in <tt>expire_fragment</tt>), returns
-      # a key suitable for use in reading, writing, or expiring a 
-      # cached fragment. If the key is a hash, the generated key is the
-      # return value of url_for on that hash (without the protocol). 
-      # All keys are prefixed with <tt>views/</tt> and uses
+      # Given a key (as described in +expire_fragment+), returns
+      # a key suitable for use in reading, writing, or expiring a
+      # cached fragment. All keys are prefixed with <tt>views/</tt> and uses
       # ActiveSupport::Cache.expand_cache_key for the expansion.
       def fragment_cache_key(key)
         ActiveSupport::Cache.expand_cache_key(key.is_a?(Hash) ? url_for(key).split("://").last : key, :views)
       end
 
-      # Writes <tt>content</tt> to the location signified by 
-      # <tt>key</tt> (see <tt>expire_fragment</tt> for acceptable formats).
+      # Writes +content+ to the location signified by
+      # +key+ (see +expire_fragment+ for acceptable formats).
       def write_fragment(key, content, options = nil)
         return content unless cache_configured?
 
@@ -65,8 +35,8 @@ module ActionController #:nodoc:
         content
       end
 
-      # Reads a cached fragment from the location signified by <tt>key</tt>
-      # (see <tt>expire_fragment</tt> for acceptable formats).
+      # Reads a cached fragment from the location signified by +key+
+      # (see +expire_fragment+ for acceptable formats).
       def read_fragment(key, options = nil)
         return unless cache_configured?
 
@@ -77,8 +47,8 @@ module ActionController #:nodoc:
         end
       end
 
-      # Check if a cached fragment from the location signified by 
-      # <tt>key</tt> exists (see <tt>expire_fragment</tt> for acceptable formats)
+      # Check if a cached fragment from the location signified by
+      # +key+ exists (see +expire_fragment+ for acceptable formats).
       def fragment_exist?(key, options = nil)
         return unless cache_configured?
         key = fragment_cache_key(key)
@@ -95,7 +65,7 @@ module ActionController #:nodoc:
       # * String - This would normally take the form of a path, like
       #   <tt>pages/45/notes</tt>.
       # * Hash - Treated as an implicit call to +url_for+, like
-      #   <tt>{:controller => "pages", :action => "notes", :id => 45}</tt>
+      #   <tt>{ controller: 'pages', action: 'notes', id: 45}</tt>
       # * Regexp - Will remove any fragment that matches, so
       #   <tt>%r{pages/\d*/notes}</tt> might remove all notes. Make sure you
       #   don't use anchors in the regex (<tt>^</tt> or <tt>$</tt>) because
@@ -104,8 +74,8 @@ module ActionController #:nodoc:
       #   only supported on caches that can iterate over all keys (unlike
       #   memcached).
       #
-      # +options+ is passed through to the cache store's <tt>delete</tt>
-      # method (or <tt>delete_matched</tt>, for Regexp keys.)
+      # +options+ is passed through to the cache store's +delete+
+      # method (or <tt>delete_matched</tt>, for Regexp keys).
       def expire_fragment(key, options = nil)
         return unless cache_configured?
         key = fragment_cache_key(key) unless key.is_a?(Regexp)
@@ -119,7 +89,7 @@ module ActionController #:nodoc:
         end
       end
 
-      def instrument_fragment_cache(name, key)
+      def instrument_fragment_cache(name, key) # :nodoc:
         ActiveSupport::Notifications.instrument("#{name}.action_controller", :key => key){ yield }
       end
     end

data/lib/action_controller/caching.rb

@@ -2,41 +2,33 @@ require 'fileutils'
 require 'uri'
 require 'set'
 
-module ActionController #:nodoc:
+module ActionController
   # \Caching is a cheap way of speeding up slow applications by keeping the result of
   # calculations, renderings, and database calls around for subsequent requests.
-  # Action Controller affords you three approaches in varying levels of granularity:
-  # Page, Action, Fragment.
   #
-  # You can read more about each approach and the sweeping assistance by clicking the
-  # modules below.
+  # You can read more about each approach by clicking the modules below.
   #
-  # Note: To turn off all caching and sweeping, set
+  # Note: To turn off all caching, set
   #   config.action_controller.perform_caching = false.
   #
   # == \Caching stores
   #
   # All the caching stores from ActiveSupport::Cache are available to be used as backends
-  # for Action Controller caching. This setting only affects action and fragment caching
-  # as page caching is always written to disk.
+  # for Action Controller caching.
   #
   # Configuration examples (MemoryStore is the default):
   #
   #   config.action_controller.cache_store = :memory_store
-  #   config.action_controller.cache_store = :file_store, "/path/to/cache/directory"
-  #   config.action_controller.cache_store = :mem_cache_store, "localhost"
-  #   config.action_controller.cache_store = :mem_cache_store, Memcached::Rails.new("localhost:11211")
-  #   config.action_controller.cache_store = MyOwnStore.new("parameter")
+  #   config.action_controller.cache_store = :file_store, '/path/to/cache/directory'
+  #   config.action_controller.cache_store = :mem_cache_store, 'localhost'
+  #   config.action_controller.cache_store = :mem_cache_store, Memcached::Rails.new('localhost:11211')
+  #   config.action_controller.cache_store = MyOwnStore.new('parameter')
   module Caching
     extend ActiveSupport::Concern
     extend ActiveSupport::Autoload
 
     eager_autoload do
-      autoload :Actions
       autoload :Fragments
-      autoload :Pages
-      autoload :Sweeper, 'action_controller/caching/sweeping'
-      autoload :Sweeping, 'action_controller/caching/sweeping'
     end
 
     module ConfigMethods
@@ -48,39 +40,60 @@ module ActionController #:nodoc:
         config.cache_store = ActiveSupport::Cache.lookup_store(store)
       end
 
-    private
-
-      def cache_configured?
-        perform_caching && cache_store
-      end
+      private
+        def cache_configured?
+          perform_caching && cache_store
+        end
     end
 
     include RackDelegation
     include AbstractController::Callbacks
 
     include ConfigMethods
-    include Pages, Actions, Fragments
-    include Sweeping if defined?(ActiveRecord)
+    include Fragments
 
     included do
       extend ConfigMethods
 
+      config_accessor :default_static_extension
+      self.default_static_extension ||= '.html'
+
+      def self.page_cache_extension=(extension)
+        ActiveSupport::Deprecation.deprecation_warning(:page_cache_extension, :default_static_extension)
+        self.default_static_extension = extension
+      end
+
+      def self.page_cache_extension
+        ActiveSupport::Deprecation.deprecation_warning(:page_cache_extension, :default_static_extension)
+        default_static_extension
+      end
+
       config_accessor :perform_caching
       self.perform_caching = true if perform_caching.nil?
-    end
 
-    def caching_allowed?
-      request.get? && response.status == 200
+      class_attribute :_view_cache_dependencies
+      self._view_cache_dependencies = []
+      helper_method :view_cache_dependencies if respond_to?(:helper_method)
     end
 
-  protected
-    # Convenience accessor
-    def cache(key, options = {}, &block)
-      if cache_configured?
-        cache_store.fetch(ActiveSupport::Cache.expand_cache_key(key, :controller), options, &block)
-      else
-        yield
+    module ClassMethods
+      def view_cache_dependency(&dependency)
+        self._view_cache_dependencies += [dependency]
       end
     end
+
+    def view_cache_dependencies
+      self.class._view_cache_dependencies.map { |dep| instance_exec(&dep) }.compact
+    end
+
+    protected
+      # Convenience accessor.
+      def cache(key, options = {}, &block)
+        if cache_configured?
+          cache_store.fetch(ActiveSupport::Cache.expand_cache_key(key, :controller), options, &block)
+        else
+          yield
+        end
+      end
   end
 end

data/lib/action_controller/deprecated/integration_test.rb

@@ -1,2 +1,5 @@
 ActionController::Integration = ActionDispatch::Integration
 ActionController::IntegrationTest = ActionDispatch::IntegrationTest
+
+ActiveSupport::Deprecation.warn 'ActionController::Integration is deprecated and will be removed, use ActionDispatch::Integration instead.'
+ActiveSupport::Deprecation.warn 'ActionController::IntegrationTest is deprecated and will be removed, use ActionDispatch::IntegrationTest instead.'

data/lib/action_controller/deprecated.rb

@@ -1,3 +1,7 @@
 ActionController::AbstractRequest = ActionController::Request = ActionDispatch::Request
 ActionController::AbstractResponse = ActionController::Response = ActionDispatch::Response
-ActionController::Routing = ActionDispatch::Routing
+ActionController::Routing = ActionDispatch::Routing
+
+ActiveSupport::Deprecation.warn 'ActionController::AbstractRequest and ActionController::Request are deprecated and will be removed, use ActionDispatch::Request instead.'
+ActiveSupport::Deprecation.warn 'ActionController::AbstractResponse and ActionController::Response are deprecated and will be removed, use ActionDispatch::Response instead.'
+ActiveSupport::Deprecation.warn 'ActionController::Routing is deprecated and will be removed, use ActionDispatch::Routing instead.'

data/lib/action_controller/log_subscriber.rb

@@ -1,10 +1,11 @@
-require 'active_support/core_ext/object/blank'
 
 module ActionController
   class LogSubscriber < ActiveSupport::LogSubscriber
     INTERNAL_PARAMS = %w(controller action format _method only_path)
 
     def start_processing(event)
+      return unless logger.info?
+
       payload = event.payload
       params  = payload[:params].except(*INTERNAL_PARAMS)
       format  = payload[:format]
@@ -15,6 +16,8 @@ module ActionController
     end
 
     def process_action(event)
+      return unless logger.info?
+
       payload   = event.payload
       additions = ActionController::Base.log_process_action(payload)
 
@@ -23,36 +26,41 @@ module ActionController
         exception_class_name = payload[:exception].first
         status = ActionDispatch::ExceptionWrapper.status_code_for_exception(exception_class_name)
       end
-      message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{format_duration(event.duration)}"
+      message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
       message << " (#{additions.join(" | ")})" unless additions.blank?
 
       info(message)
     end
 
     def halted_callback(event)
-      info "Filter chain halted as #{event.payload[:filter]} rendered or redirected"
+      info("Filter chain halted as #{event.payload[:filter]} rendered or redirected")
     end
 
     def send_file(event)
-      info("Sent file #{event.payload[:path]} (#{format_duration(event.duration)})")
+      info("Sent file #{event.payload[:path]} (#{event.duration.round(1)}ms)")
     end
 
     def redirect_to(event)
-      info "Redirected to #{event.payload[:location]}"
+      info("Redirected to #{event.payload[:location]}")
     end
 
     def send_data(event)
-      info("Sent data #{event.payload[:filename]}  (#{format_duration(event.duration)})")
+      info("Sent data #{event.payload[:filename]} (#{event.duration.round(1)}ms)")
+    end
+
+    def unpermitted_parameters(event)
+      unpermitted_keys = event.payload[:keys]
+      debug("Unpermitted parameters: #{unpermitted_keys.join(", ")}")
     end
 
     %w(write_fragment read_fragment exist_fragment?
        expire_fragment expire_page write_page).each do |method|
       class_eval <<-METHOD, __FILE__, __LINE__ + 1
         def #{method}(event)
+          return unless logger.info?
           key_or_path = event.payload[:key] || event.payload[:path]
           human_name  = #{method.to_s.humanize.inspect}
-          duration = format_duration(event.duration)
-          info("\#{human_name} \#{key_or_path} \#{duration}")
+          info("\#{human_name} \#{key_or_path} (\#{event.duration.round(1)}ms)")
         end
       METHOD
     end

data/lib/action_controller/metal/conditional_get.rb

@@ -1,3 +1,5 @@
+require 'active_support/core_ext/hash/keys'
+
 module ActionController
   module ConditionalGet
     extend ActiveSupport::Concern
@@ -5,25 +7,53 @@ module ActionController
     include RackDelegation
     include Head
 
-    # Sets the etag, last_modified, or both on the response and renders a
+    included do
+      class_attribute :etaggers
+      self.etaggers = []
+    end
+
+    module ClassMethods
+      # Allows you to consider additional controller-wide information when generating an etag.
+      # For example, if you serve pages tailored depending on who's logged in at the moment, you
+      # may want to add the current user id to be part of the etag to prevent authorized displaying
+      # of cached pages.
+      #
+      #   class InvoicesController < ApplicationController
+      #     etag { current_user.try :id }
+      #
+      #     def show
+      #       # Etag will differ even for the same invoice when it's viewed by a different current_user
+      #       @invoice = Invoice.find(params[:id])
+      #       fresh_when(@invoice)
+      #     end
+      #   end
+      def etag(&etagger)
+        self.etaggers += [etagger]
+      end
+    end
+
+    # Sets the etag, +last_modified+, or both on the response and renders a
     # <tt>304 Not Modified</tt> response if the request is already fresh.
     #
-    # Parameters:
-    # * <tt>:etag</tt>
-    # * <tt>:last_modified</tt>
-    # * <tt>:public</tt> By default the Cache-Control header is private, set this to true if you want your application to be cachable by other devices (proxy caches).
+    # === Parameters:
     #
-    # Example:
+    # * <tt>:etag</tt>.
+    # * <tt>:last_modified</tt>.
+    # * <tt>:public</tt> By default the Cache-Control header is private, set this to
+    #   +true+ if you want your application to be cachable by other devices (proxy caches).
+    #
+    # === Example:
     #
     #   def show
     #     @article = Article.find(params[:id])
-    #     fresh_when(:etag => @article, :last_modified => @article.created_at, :public => true)
+    #     fresh_when(etag: @article, last_modified: @article.created_at, public: true)
     #   end
     #
     # This will render the show template if the request isn't sending a matching etag or
     # If-Modified-Since header and just a <tt>304 Not Modified</tt> response if there's a match.
     #
-    # You can also just pass a record where last_modified will be set by calling updated_at and the etag by passing the object itself. Example:
+    # You can also just pass a record where +last_modified+ will be set by calling
+    # +updated_at+ and the etag by passing the object itself.
     #
     #   def show
     #     @article = Article.find(params[:id])
@@ -34,7 +64,7 @@ module ActionController
     #
     #   def show
     #     @article = Article.find(params[:id])
-    #     fresh_when(@article, :public => true)
+    #     fresh_when(@article, public: true)
     #   end
     def fresh_when(record_or_options, additional_options = {})
       if record_or_options.is_a? Hash
@@ -42,32 +72,34 @@ module ActionController
         options.assert_valid_keys(:etag, :last_modified, :public)
       else
         record  = record_or_options
-        options = { :etag => record, :last_modified => record.try(:updated_at) }.merge(additional_options)
+        options = { etag: record, last_modified: record.try(:updated_at) }.merge!(additional_options)
       end
 
-      response.etag          = options[:etag]          if options[:etag]
-      response.last_modified = options[:last_modified] if options[:last_modified]
-      response.cache_control[:public] = true if options[:public]
+      response.etag          = combine_etags(options[:etag]) if options[:etag]
+      response.last_modified = options[:last_modified]       if options[:last_modified]
+      response.cache_control[:public] = true                 if options[:public]
 
       head :not_modified if request.fresh?(response)
     end
 
-    # Sets the etag and/or last_modified on the response and checks it against
+    # Sets the +etag+ and/or +last_modified+ on the response and checks it against
     # the client request. If the request doesn't match the options provided, the
     # request is considered stale and should be generated from scratch. Otherwise,
     # it's fresh and we don't need to generate anything and a reply of <tt>304 Not Modified</tt> is sent.
     #
-    # Parameters:
-    # * <tt>:etag</tt>
-    # * <tt>:last_modified</tt>
-    # * <tt>:public</tt> By default the Cache-Control header is private, set this to true if you want your application to be cachable by other devices (proxy caches).
+    # === Parameters:
+    #
+    # * <tt>:etag</tt>.
+    # * <tt>:last_modified</tt>.
+    # * <tt>:public</tt> By default the Cache-Control header is private, set this to
+    #   +true+ if you want your application to be cachable by other devices (proxy caches).
     #
-    # Example:
+    # === Example:
     #
     #   def show
     #     @article = Article.find(params[:id])
     #
-    #     if stale?(:etag => @article, :last_modified => @article.created_at)
+    #     if stale?(etag: @article, last_modified: @article.created_at)
     #       @statistics = @article.really_expensive_call
     #       respond_to do |format|
     #         # all the supported formats
@@ -75,7 +107,8 @@ module ActionController
     #     end
     #   end
     #
-    # You can also just pass a record where last_modified will be set by calling updated_at and the etag by passing the object itself. Example:
+    # You can also just pass a record where +last_modified+ will be set by calling
+    # updated_at and the etag by passing the object itself.
     #
     #   def show
     #     @article = Article.find(params[:id])
@@ -93,7 +126,7 @@ module ActionController
     #   def show
     #     @article = Article.find(params[:id])
     #
-    #     if stale?(@article, :public => true)
+    #     if stale?(@article, public: true)
     #       @statistics = @article.really_expensive_call
     #       respond_to do |format|
     #         # all the supported formats
@@ -105,27 +138,38 @@ module ActionController
       !request.fresh?(response)
     end
 
-    # Sets a HTTP 1.1 Cache-Control header. Defaults to issuing a <tt>private</tt> instruction, so that
-    # intermediate caches must not cache the response.
+    # Sets a HTTP 1.1 Cache-Control header. Defaults to issuing a +private+
+    # instruction, so that intermediate caches must not cache the response.
     #
-    # Examples:
     #   expires_in 20.minutes
-    #   expires_in 3.hours, :public => true
-    #   expires_in 3.hours, 'max-stale' => 5.hours, :public => true
+    #   expires_in 3.hours, public: true
+    #   expires_in 3.hours, public: true, must_revalidate: true
     #
     # This method will overwrite an existing Cache-Control header.
     # See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for more possibilities.
-    def expires_in(seconds, options = {}) #:doc:
-      response.cache_control.merge!(:max_age => seconds, :public => options.delete(:public))
+    #
+    # The method will also ensure a HTTP Date header for client compatibility.
+    def expires_in(seconds, options = {})
+      response.cache_control.merge!(
+        :max_age         => seconds,
+        :public          => options.delete(:public),
+        :must_revalidate => options.delete(:must_revalidate)
+      )
       options.delete(:private)
 
       response.cache_control[:extras] = options.map {|k,v| "#{k}=#{v}"}
+      response.date = Time.now unless response.date?
     end
 
-    # Sets a HTTP 1.1 Cache-Control header of <tt>no-cache</tt> so no caching should occur by the browser or
-    # intermediate caches (like caching proxy servers).
-    def expires_now #:doc:
+    # Sets a HTTP 1.1 Cache-Control header of <tt>no-cache</tt> so no caching should
+    # occur by the browser or intermediate caches (like caching proxy servers).
+    def expires_now
       response.cache_control.replace(:no_cache => true)
     end
+
+    private
+      def combine_etags(etag)
+        [ etag, *etaggers.map { |etagger| instance_exec(&etagger) }.compact ]
+      end
   end
 end

data/lib/action_controller/metal/data_streaming.rb

@@ -1,4 +1,3 @@
-require 'active_support/core_ext/file/path'
 require 'action_controller/metal/exceptions'
 
 module ActionController #:nodoc:
@@ -9,15 +8,13 @@ module ActionController #:nodoc:
 
     include ActionController::Rendering
 
-    DEFAULT_SEND_FILE_OPTIONS = {
-      :type         => 'application/octet-stream'.freeze,
-      :disposition  => 'attachment'.freeze,
-    }.freeze
+    DEFAULT_SEND_FILE_TYPE        = 'application/octet-stream'.freeze #:nodoc:
+    DEFAULT_SEND_FILE_DISPOSITION = 'attachment'.freeze #:nodoc:
 
     protected
       # Sends the file. This uses a server-appropriate method (such as X-Sendfile)
       # via the Rack::Sendfile middleware. The header to use is set via
-      # config.action_dispatch.x_sendfile_header.
+      # +config.action_dispatch.x_sendfile_header+.
       # Your server can also configure this for you by setting the X-Sendfile-Type header.
       #
       # Be careful to sanitize the path parameter if it is coming from a web
@@ -50,11 +47,11 @@ module ActionController #:nodoc:
       #
       # Show a JPEG in the browser:
       #
-      #   send_file '/path/to.jpeg', :type => 'image/jpeg', :disposition => 'inline'
+      #   send_file '/path/to.jpeg', type: 'image/jpeg', disposition: 'inline'
       #
       # Show a 404 page in the browser:
       #
-      #   send_file '/path/to/404.html', :type => 'text/html; charset=utf-8', :status => 404
+      #   send_file '/path/to/404.html', type: 'text/html; charset=utf-8', status: 404
       #
       # Read about the other Content-* HTTP headers if you'd like to
       # provide the user with more information (such as Content-Description) in
@@ -99,7 +96,7 @@ module ActionController #:nodoc:
       end
 
       # Sends the given binary data to the browser. This method is similar to
-      # <tt>render :text => data</tt>, but also allows you to specify whether
+      # <tt>render text: data</tt>, but also allows you to specify whether
       # the browser should display the response as a file attachment (i.e. in a
       # download dialog) or as inline data. You may also set the content type,
       # the apparent file name, and other things.
@@ -120,15 +117,15 @@ module ActionController #:nodoc:
       #
       # Download a dynamically-generated tarball:
       #
-      #   send_data generate_tgz('dir'), :filename => 'dir.tgz'
+      #   send_data generate_tgz('dir'), filename: 'dir.tgz'
       #
       # Display an image Active Record in the browser:
       #
-      #   send_data image.data, :type => image.content_type, :disposition => 'inline'
+      #   send_data image.data, type: image.content_type, disposition: 'inline'
       #
       # See +send_file+ for more information on HTTP Content-* headers and caching.
       def send_data(data, options = {}) #:doc:
-        send_file_headers! options.dup
+        send_file_headers! options
         render options.slice(:status, :content_type).merge(:text => data)
       end
 
@@ -136,15 +133,8 @@ module ActionController #:nodoc:
       def send_file_headers!(options)
         type_provided = options.has_key?(:type)
 
-        options.update(DEFAULT_SEND_FILE_OPTIONS.merge(options))
-        [:type, :disposition].each do |arg|
-          raise ArgumentError, ":#{arg} option required" if options[arg].nil?
-        end
-
-        disposition = options[:disposition].to_s
-        disposition += %(; filename="#{options[:filename]}") if options[:filename]
-
-        content_type = options[:type]
+        content_type = options.fetch(:type, DEFAULT_SEND_FILE_TYPE)
+        raise ArgumentError, ":type option required" if content_type.nil?
 
         if content_type.is_a?(Symbol)
           extension = Mime[content_type]
@@ -153,15 +143,19 @@ module ActionController #:nodoc:
         else
           if !type_provided && options[:filename]
             # If type wasn't provided, try guessing from file extension.
-            content_type = Mime::Type.lookup_by_extension(File.extname(options[:filename]).downcase.tr('.','')) || content_type
+            content_type = Mime::Type.lookup_by_extension(File.extname(options[:filename]).downcase.delete('.')) || content_type
           end
           self.content_type = content_type
         end
 
-        headers.merge!(
-          'Content-Disposition'       => disposition,
-          'Content-Transfer-Encoding' => 'binary'
-        )
+        disposition = options.fetch(:disposition, DEFAULT_SEND_FILE_DISPOSITION)
+        unless disposition.nil?
+          disposition  = disposition.to_s
+          disposition += %(; filename="#{options[:filename]}") if options[:filename]
+          headers['Content-Disposition'] = disposition
+        end
+
+        headers['Content-Transfer-Encoding'] = 'binary'
 
         response.sending_file = true