actionpack 4.2.11.3 → 5.0.0.beta1

data/lib/action_dispatch/routing/url_for.rb

@@ -1,7 +1,7 @@
 module ActionDispatch
   module Routing
     # In <tt>config/routes.rb</tt> you define URL-to-controller mappings, but the reverse
-    # is also possible: an URL can be generated from one of your routing definitions.
+    # is also possible: a URL can be generated from one of your routing definitions.
     # URL generation functionality is centralized in this module.
     #
     # See ActionDispatch::Routing for general information about routing and routes.rb.
@@ -52,9 +52,11 @@ module ActionDispatch
     # argument.
     #
     # For convenience reasons, mailers provide a shortcut for ActionController::UrlFor#url_for.
-    # So within mailers, you only have to type 'url_for' instead of 'ActionController::UrlFor#url_for'
-    # in full. However, mailers don't have hostname information, and that's why you'll still
-    # have to specify the <tt>:host</tt> argument when generating URLs in mailers.
+    # So within mailers, you only have to type +url_for+ instead of 'ActionController::UrlFor#url_for'
+    # in full. However, mailers don't have hostname information, and you still have to provide
+    # the +:host+ argument or set the default host that will be used in all mailers using the
+    # configuration option +config.action_mailer.default_url_options+. For more information on
+    # url_for in mailers read the ActionMailer#Base documentation.
     #
     #
     # == URL generation for named routes
@@ -147,6 +149,20 @@ module ActionDispatch
       #    # => 'http://somehost.org/myapp/tasks/testing'
       #    url_for controller: 'tasks', action: 'testing', host: 'somehost.org', script_name: "/myapp", only_path: true
       #    # => '/myapp/tasks/testing'
+      #
+      # Missing routes keys may be filled in from the current request's parameters
+      # (e.g. +:controller+, +:action+, +:id+ and any other parameters that are
+      # placed in the path). Given that the current action has been reached
+      # through `GET /users/1`:
+      #
+      #   url_for(only_path: true)                        # => '/users/1'
+      #   url_for(only_path: true, action: 'edit')        # => '/users/1/edit'
+      #   url_for(only_path: true, action: 'edit', id: 2) # => '/users/2/edit'
+      #
+      # Notice that no +:id+ parameter was provided to the first +url_for+ call
+      # and the helper used the one from the route's path. Any path parameter
+      # implicitly used by +url_for+ can always be overwritten like shown on the
+      # last +url_for+ calls.
       def url_for(options = nil)
         case options
         when nil
@@ -155,6 +171,13 @@ module ActionDispatch
           route_name = options.delete :use_route
           _routes.url_for(options.symbolize_keys.reverse_merge!(url_options),
                          route_name)
+        when ActionController::Parameters
+          unless options.permitted?
+            raise ArgumentError.new("Generating an URL from non sanitized request parameters is insecure!")
+          end
+          route_name = options.delete :use_route
+          _routes.url_for(options.to_h.symbolize_keys.
+                          reverse_merge!(url_options), route_name)
         when String
           options
         when Symbol
@@ -185,12 +208,6 @@ module ActionDispatch
       def _routes_context
         self
       end
-
-      private
-
-        def _generate_paths_by_default
-          true
-        end
     end
   end
 end

data/lib/action_dispatch/testing/assertions.rb

@@ -12,7 +12,7 @@ module ActionDispatch
     include Rails::Dom::Testing::Assertions
 
     def html_document
-      @html_document ||= if @response.content_type.to_s =~ /xml$/
+      @html_document ||= if @response.content_type.to_s =~ /xml\z/
         Nokogiri::XML::Document.parse(@response.body)
       else
         Nokogiri::HTML::Document.parse(@response.body)

data/lib/action_dispatch/testing/assertions/response.rb

@@ -3,6 +3,13 @@ module ActionDispatch
   module Assertions
     # A small suite of assertions that test responses from \Rails applications.
     module ResponseAssertions
+      RESPONSE_PREDICATES = { # :nodoc:
+        success:  :successful?,
+        missing:  :not_found?,
+        redirect: :redirection?,
+        error:    :server_error?,
+      }
+
       # Asserts that the response is one of the following types:
       #
       # * <tt>:success</tt>   - Status code was in the 200-299 range
@@ -14,17 +21,17 @@ module ActionDispatch
       # or its symbolic equivalent <tt>assert_response(:not_implemented)</tt>.
       # See Rack::Utils::SYMBOL_TO_STATUS_CODE for a full list.
       #
-      #   # assert that the response was a redirection
+      #   # Asserts that the response was a redirection
       #   assert_response :redirect
       #
-      #   # assert that the response code was status code 401 (unauthorized)
+      #   # Asserts that the response code was status code 401 (unauthorized)
       #   assert_response 401
       def assert_response(type, message = nil)
-        message ||= "Expected response to be a <#{type}>, but was <#{@response.response_code}>"
+        message ||= generate_response_message(type)
 
         if Symbol === type
           if [:success, :missing, :redirect, :error].include?(type)
-            assert @response.send("#{type}?"), message
+            assert @response.send(RESPONSE_PREDICATES[type]), message
           else
             code = Rack::Utils::SYMBOL_TO_STATUS_CODE[type]
             if code.nil?
@@ -37,20 +44,20 @@ module ActionDispatch
         end
       end
 
-      # Assert that the redirection options passed in match those of the redirect called in the latest action.
+      # Asserts that the redirection options passed in match those of the redirect called in the latest action.
       # This match can be partial, such that <tt>assert_redirected_to(controller: "weblog")</tt> will also
       # match the redirection of <tt>redirect_to(controller: "weblog", action: "show")</tt> and so on.
       #
-      #   # assert that the redirection was to the "index" action on the WeblogController
+      #   # Asserts that the redirection was to the "index" action on the WeblogController
       #   assert_redirected_to controller: "weblog", action: "index"
       #
-      #   # assert that the redirection was to the named route login_url
+      #   # Asserts that the redirection was to the named route login_url
       #   assert_redirected_to login_url
       #
-      #   # assert that the redirection was to the url for @customer
+      #   # Asserts that the redirection was to the url for @customer
       #   assert_redirected_to @customer
       #
-      #   # asserts that the redirection matches the regular expression
+      #   # Asserts that the redirection matches the regular expression
       #   assert_redirected_to %r(\Ahttp://example.org)
       def assert_redirected_to(options = {}, message=nil)
         assert_response(:redirect, message)
@@ -77,6 +84,17 @@ module ActionDispatch
             handle._compute_redirect_to_location(@request, fragment)
           end
         end
+
+        def generate_response_message(type, code = @response.response_code)
+          "Expected response to be a <#{type}>, but was a <#{code}>"
+          .concat location_if_redirected
+        end
+
+        def location_if_redirected
+          return '' unless @response.redirection? && @response.location.present?
+          location = normalize_argument_to_redirection(@response.location)
+          " redirect to <#{location}>"
+        end
     end
   end
 end

data/lib/action_dispatch/testing/assertions/routing.rb

@@ -14,14 +14,14 @@ module ActionDispatch
       # requiring a specific HTTP method. The hash should contain a :path with the incoming request path
       # and a :method containing the required HTTP verb.
       #
-      #   # assert that POSTing to /items will call the create action on ItemsController
+      #   # Asserts that POSTing to /items will call the create action on ItemsController
       #   assert_recognizes({controller: 'items', action: 'create'}, {path: 'items', method: :post})
       #
       # You can also pass in +extras+ with a hash containing URL parameters that would normally be in the query string. This can be used
-      # to assert that values in the query string string will end up in the params hash correctly. To test query strings you must use the
+      # to assert that values in the query string will end up in the params hash correctly. To test query strings you must use the
       # extras argument, appending the query string on the path directly will not work. For example:
       #
-      #   # assert that a path of '/items/list/1?view=print' returns the correct options
+      #   # Asserts that a path of '/items/list/1?view=print' returns the correct options
       #   assert_recognizes({controller: 'items', action: 'list', id: '1', view: 'print'}, 'items/list/1', { view: "print" })
       #
       # The +message+ parameter allows you to pass in an error message that is displayed upon failure.
@@ -86,8 +86,8 @@ module ActionDispatch
         end
         # Load routes.rb if it hasn't been loaded.
 
-        generated_path, extra_keys = @routes.generate_extras(options, defaults)
-        found_extras = options.reject { |k, _| ! extra_keys.include? k }
+        generated_path, query_string_keys = @routes.generate_extras(options, defaults)
+        found_extras = options.reject { |k, _| ! query_string_keys.include? k }
 
         msg = message || sprintf("found extras <%s>, not <%s>", found_extras, extras)
         assert_equal(extras, found_extras, msg)
@@ -104,13 +104,13 @@ module ActionDispatch
       # The +extras+ hash allows you to specify options that would normally be provided as a query string to the action. The
       # +message+ parameter allows you to specify a custom error message to display upon failure.
       #
-      #  # Assert a basic route: a controller with the default action (index)
+      #  # Asserts a basic route: a controller with the default action (index)
       #  assert_routing '/home', controller: 'home', action: 'index'
       #
       #  # Test a route generated with a specific controller, action, and parameter (id)
       #  assert_routing '/entries/show/23', controller: 'entries', action: 'show', id: 23
       #
-      #  # Assert a basic route (controller + default action), with an error message if it fails
+      #  # Asserts a basic route (controller + default action), with an error message if it fails
       #  assert_routing '/store', { controller: 'store', action: 'index' }, {}, {}, 'Route for store index not generated properly'
       #
       #  # Tests a route, providing a defaults hash
@@ -150,7 +150,7 @@ module ActionDispatch
           old_controller, @controller = @controller, @controller.clone
           _routes = @routes
 
-          @controller.singleton_class.send(:include, _routes.url_helpers)
+          @controller.singleton_class.include(_routes.url_helpers)
           @controller.view_context_class = Class.new(@controller.view_context_class) do
             include _routes.url_helpers
           end
@@ -183,7 +183,7 @@ module ActionDispatch
           end
 
           # Assume given controller
-          request = ActionController::TestRequest.new
+          request = ActionController::TestRequest.create
 
           if path =~ %r{://}
             fail_on(URI::InvalidURIError, msg) do

data/lib/action_dispatch/testing/integration.rb

@@ -2,6 +2,7 @@ require 'stringio'
 require 'uri'
 require 'active_support/core_ext/kernel/singleton_class'
 require 'active_support/core_ext/object/try'
+require 'active_support/core_ext/string/strip'
 require 'rack/test'
 require 'minitest'
 
@@ -12,12 +13,14 @@ module ActionDispatch
       #
       # - +path+: The URI (as a String) on which you want to perform a GET
       #   request.
-      # - +parameters+: The HTTP parameters that you want to pass. This may
+      # - +params+: The HTTP parameters that you want to pass. This may
       #   be +nil+,
       #   a Hash, or a String that is appropriately encoded
       #   (<tt>application/x-www-form-urlencoded</tt> or
       #   <tt>multipart/form-data</tt>).
-      # - +headers_or_env+: Additional headers to pass, as a Hash. The headers will be
+      # - +headers+: Additional headers to pass, as a Hash. The headers will be
+      #   merged into the Rack env hash.
+      # - +env+: Additional env to pass, as a Hash. The headers will be
       #   merged into the Rack env hash.
       #
       # This method returns a Response object, which one can use to
@@ -28,38 +31,43 @@ module ActionDispatch
       #
       # You can also perform POST, PATCH, PUT, DELETE, and HEAD requests with
       # +#post+, +#patch+, +#put+, +#delete+, and +#head+.
-      def get(path, parameters = nil, headers_or_env = nil)
-        process :get, path, parameters, headers_or_env
+      #
+      # Example:
+      #
+      #   get '/feed', params: { since: 201501011400 }
+      #   post '/profile', headers: { "X-Test-Header" => "testvalue" }
+      def get(path, *args)
+        process_with_kwargs(:get, path, *args)
       end
 
       # Performs a POST request with the given parameters. See +#get+ for more
       # details.
-      def post(path, parameters = nil, headers_or_env = nil)
-        process :post, path, parameters, headers_or_env
+      def post(path, *args)
+        process_with_kwargs(:post, path, *args)
       end
 
       # Performs a PATCH request with the given parameters. See +#get+ for more
       # details.
-      def patch(path, parameters = nil, headers_or_env = nil)
-        process :patch, path, parameters, headers_or_env
+      def patch(path, *args)
+        process_with_kwargs(:patch, path, *args)
       end
 
       # Performs a PUT request with the given parameters. See +#get+ for more
       # details.
-      def put(path, parameters = nil, headers_or_env = nil)
-        process :put, path, parameters, headers_or_env
+      def put(path, *args)
+        process_with_kwargs(:put, path, *args)
       end
 
       # Performs a DELETE request with the given parameters. See +#get+ for
       # more details.
-      def delete(path, parameters = nil, headers_or_env = nil)
-        process :delete, path, parameters, headers_or_env
+      def delete(path, *args)
+        process_with_kwargs(:delete, path, *args)
       end
 
       # Performs a HEAD request with the given parameters. See +#get+ for more
       # details.
-      def head(path, parameters = nil, headers_or_env = nil)
-        process :head, path, parameters, headers_or_env
+      def head(path, *args)
+        process_with_kwargs(:head, path, *args)
       end
 
       # Performs an XMLHttpRequest request with the given parameters, mirroring
@@ -68,11 +76,29 @@ module ActionDispatch
       # The request_method is +:get+, +:post+, +:patch+, +:put+, +:delete+ or
       # +:head+; the parameters are +nil+, a hash, or a url-encoded or multipart
       # string; the headers are a hash.
-      def xml_http_request(request_method, path, parameters = nil, headers_or_env = nil)
-        headers_or_env ||= {}
-        headers_or_env['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
-        headers_or_env['HTTP_ACCEPT'] ||= [Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(', ')
-        process(request_method, path, parameters, headers_or_env)
+      #
+      # Example:
+      #
+      #   xhr :get, '/feed', params: { since: 201501011400 }
+      def xml_http_request(request_method, path, *args)
+        if kwarg_request?(args)
+          params, headers, env = args.first.values_at(:params, :headers, :env)
+        else
+          params = args[0]
+          headers = args[1]
+          env = {}
+
+          if params.present? || headers.present?
+            non_kwarg_request_warning
+          end
+        end
+
+        ActiveSupport::Deprecation.warn(<<-MSG.strip_heredoc)
+          xhr and xml_http_request methods are deprecated in favor of
+          `get "/posts", xhr: true` and `post "/posts/1", xhr: true`
+        MSG
+
+        process(request_method, path, params: params, headers: headers, xhr: true)
       end
       alias xhr :xml_http_request
 
@@ -89,40 +115,52 @@ module ActionDispatch
       # redirect. Note that the redirects are followed until the response is
       # not a redirect--this means you may run into an infinite loop if your
       # redirect loops back to itself.
-      def request_via_redirect(http_method, path, parameters = nil, headers_or_env = nil)
-        process(http_method, path, parameters, headers_or_env)
+      #
+      # Example:
+      #
+      #   request_via_redirect :post, '/welcome',
+      #     params: { ref_id: 14 },
+      #     headers: { "X-Test-Header" => "testvalue" }
+      def request_via_redirect(http_method, path, *args)
+        process_with_kwargs(http_method, path, *args)
+
         follow_redirect! while redirect?
         status
       end
 
       # Performs a GET request, following any subsequent redirect.
       # See +request_via_redirect+ for more information.
-      def get_via_redirect(path, parameters = nil, headers_or_env = nil)
-        request_via_redirect(:get, path, parameters, headers_or_env)
+      def get_via_redirect(path, *args)
+        ActiveSupport::Deprecation.warn('`get_via_redirect` is deprecated and will be removed in Rails 5.1. Please use follow_redirect! manually after the request call for the same behavior.')
+        request_via_redirect(:get, path, *args)
       end
 
       # Performs a POST request, following any subsequent redirect.
       # See +request_via_redirect+ for more information.
-      def post_via_redirect(path, parameters = nil, headers_or_env = nil)
-        request_via_redirect(:post, path, parameters, headers_or_env)
+      def post_via_redirect(path, *args)
+        ActiveSupport::Deprecation.warn('`post_via_redirect` is deprecated and will be removed in Rails 5.1. Please use follow_redirect! manually after the request call for the same behavior.')
+        request_via_redirect(:post, path, *args)
       end
 
       # Performs a PATCH request, following any subsequent redirect.
       # See +request_via_redirect+ for more information.
-      def patch_via_redirect(path, parameters = nil, headers_or_env = nil)
-        request_via_redirect(:patch, path, parameters, headers_or_env)
+      def patch_via_redirect(path, *args)
+        ActiveSupport::Deprecation.warn('`patch_via_redirect` is deprecated and will be removed in Rails 5.1. Please use follow_redirect! manually after the request call for the same behavior.')
+        request_via_redirect(:patch, path, *args)
       end
 
       # Performs a PUT request, following any subsequent redirect.
       # See +request_via_redirect+ for more information.
-      def put_via_redirect(path, parameters = nil, headers_or_env = nil)
-        request_via_redirect(:put, path, parameters, headers_or_env)
+      def put_via_redirect(path, *args)
+        ActiveSupport::Deprecation.warn('`put_via_redirect` is deprecated and will be removed in Rails 5.1. Please use follow_redirect! manually after the request call for the same behavior.')
+        request_via_redirect(:put, path, *args)
       end
 
       # Performs a DELETE request, following any subsequent redirect.
       # See +request_via_redirect+ for more information.
-      def delete_via_redirect(path, parameters = nil, headers_or_env = nil)
-        request_via_redirect(:delete, path, parameters, headers_or_env)
+      def delete_via_redirect(path, *args)
+        ActiveSupport::Deprecation.warn('`delete_via_redirect` is deprecated and will be removed in Rails 5.1. Please use follow_redirect! manually after the request call for the same behavior.')
+        request_via_redirect(:delete, path, *args)
       end
     end
 
@@ -185,15 +223,6 @@ module ActionDispatch
         super()
         @app = app
 
-        # If the app is a Rails app, make url_helpers available on the session
-        # This makes app.url_for and app.foo_path available in the console
-        if app.respond_to?(:routes)
-          singleton_class.class_eval do
-            include app.routes.url_helpers
-            include app.routes.mounted_helpers
-          end
-        end
-
         reset!
       end
 
@@ -261,20 +290,54 @@ module ActionDispatch
           @_mock_session ||= Rack::MockSession.new(@app, host)
         end
 
+        def process_with_kwargs(http_method, path, *args)
+          if kwarg_request?(args)
+            process(http_method, path, *args)
+          else
+            non_kwarg_request_warning if args.any?
+            process(http_method, path, { params: args[0], headers: args[1] })
+          end
+        end
+
+        REQUEST_KWARGS = %i(params headers env xhr)
+        def kwarg_request?(args)
+          args[0].respond_to?(:keys) && args[0].keys.any? { |k| REQUEST_KWARGS.include?(k) }
+        end
+
+        def non_kwarg_request_warning
+          ActiveSupport::Deprecation.warn(<<-MSG.strip_heredoc)
+            ActionDispatch::IntegrationTest HTTP request methods will accept only
+            the following keyword arguments in future Rails versions:
+            #{REQUEST_KWARGS.join(', ')}
+
+            Examples:
+
+            get '/profile',
+              params: { id: 1 },
+              headers: { 'X-Extra-Header' => '123' },
+              env: { 'action_dispatch.custom' => 'custom' },
+              xhr: true
+          MSG
+        end
+
         # Performs the actual request.
-        def process(method, path, parameters = nil, headers_or_env = nil)
+        def process(method, path, params: nil, headers: nil, env: nil, xhr: false)
           if path =~ %r{://}
             location = URI.parse(path)
             https! URI::HTTPS === location if location.scheme
-            host! "#{location.host}:#{location.port}" if location.host
+            if url_host = location.host
+              default = Rack::Request::DEFAULT_PORTS[location.scheme]
+              url_host += ":#{location.port}" if default != location.port
+              host! url_host
+            end
             path = location.query ? "#{location.path}?#{location.query}" : location.path
           end
 
           hostname, port = host.split(':')
 
-          env = {
+          request_env = {
             :method => method,
-            :params => parameters,
+            :params => params,
 
             "SERVER_NAME"     => hostname,
             "SERVER_PORT"     => port || (https? ? "443" : "80"),
@@ -287,26 +350,38 @@ module ActionDispatch
             "CONTENT_TYPE"   => "application/x-www-form-urlencoded",
             "HTTP_ACCEPT"    => accept
           }
-          # this modifies the passed env directly
-          Http::Headers.new(env).merge!(headers_or_env || {})
+
+          if xhr
+            headers ||= {}
+            headers['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
+            headers['HTTP_ACCEPT'] ||= [Mime[:js], Mime[:html], Mime[:xml], 'text/xml', '*/*'].join(', ')
+          end
+
+          # this modifies the passed request_env directly
+          if headers.present?
+            Http::Headers.from_hash(request_env).merge!(headers)
+          end
+          if env.present?
+            Http::Headers.from_hash(request_env).merge!(env)
+          end
 
           session = Rack::Test::Session.new(_mock_session)
 
           # NOTE: rack-test v0.5 doesn't build a default uri correctly
           # Make sure requested path is always a full uri
-          session.request(build_full_uri(path, env), env)
+          session.request(build_full_uri(path, request_env), request_env)
 
           @request_count += 1
           @request  = ActionDispatch::Request.new(session.last_request.env)
           response = _mock_session.last_response
           @response = ActionDispatch::TestResponse.from_response(response)
+          @response.request = @request
           @html_document = nil
-          @html_scanner_document = nil
           @url_options = nil
 
-          @controller = session.last_request.env['action_controller.instance']
+          @controller = @request.controller_instance
 
-          return response.status
+          response.status
         end
 
         def build_full_uri(path, env)
@@ -317,14 +392,36 @@ module ActionDispatch
     module Runner
       include ActionDispatch::Assertions
 
-      def app
-        @app ||= nil
+      APP_SESSIONS = {}
+
+      attr_reader :app
+
+      def before_setup # :nodoc:
+        @app = nil
+        @integration_session = nil
+        super
+      end
+
+      def integration_session
+        @integration_session ||= create_session(app)
       end
 
       # Reset the current session. This is useful for testing multiple sessions
       # in a single test case.
       def reset!
-        @integration_session = Integration::Session.new(app)
+        @integration_session = create_session(app)
+      end
+
+      def create_session(app)
+        klass = APP_SESSIONS[app] ||= Class.new(Integration::Session) {
+          # If the app is a Rails app, make url_helpers available on the session
+          # This makes app.url_for and app.foo_path available in the console
+          if app.respond_to?(:routes)
+            include app.routes.url_helpers
+            include app.routes.mounted_helpers
+          end
+        }
+        klass.new(app)
       end
 
       def remove! # :nodoc:
@@ -334,13 +431,9 @@ module ActionDispatch
       %w(get post patch put head delete cookies assigns
          xml_http_request xhr get_via_redirect post_via_redirect).each do |method|
         define_method(method) do |*args|
-          reset! unless integration_session
-
           # reset the html_document variable, except for cookies/assigns calls
           unless method == 'cookies' || method == 'assigns'
             @html_document = nil
-            @html_scanner_document = nil
-            reset_template_assertion
           end
 
           integration_session.__send__(method, *args).tap do
@@ -361,7 +454,6 @@ module ActionDispatch
       # simultaneously.
       def open_session
         dup.tap do |session|
-          session.reset!
           yield session if block_given?
         end
       end
@@ -369,19 +461,16 @@ module ActionDispatch
       # Copy the instance variables from the current session instance into the
       # test instance.
       def copy_session_variables! #:nodoc:
-        return unless integration_session
-        %w(controller response request).each do |var|
-          instance_variable_set("@#{var}", @integration_session.__send__(var))
-        end
+        @controller = @integration_session.controller
+        @response   = @integration_session.response
+        @request    = @integration_session.request
       end
 
       def default_url_options
-        reset! unless integration_session
         integration_session.default_url_options
       end
 
       def default_url_options=(options)
-        reset! unless integration_session
         integration_session.default_url_options = options
       end
 
@@ -391,7 +480,6 @@ module ActionDispatch
 
       # Delegate unhandled messages to the current session instance.
       def method_missing(sym, *args, &block)
-        reset! unless integration_session
         if integration_session.respond_to?(sym)
           integration_session.__send__(sym, *args, &block).tap do
             copy_session_variables!
@@ -400,11 +488,6 @@ module ActionDispatch
           super
         end
       end
-
-      private
-        def integration_session
-          @integration_session ||= nil
-        end
     end
   end
 
@@ -427,8 +510,8 @@ module ActionDispatch
   #       assert_equal 200, status
   #
   #       # post the login and follow through to the home page
-  #       post "/login", username: people(:jamis).username,
-  #         password: people(:jamis).password
+  #       post "/login", params: { username: people(:jamis).username,
+  #         password: people(:jamis).password }
   #       follow_redirect!
   #       assert_equal 200, status
   #       assert_equal "/home", path
@@ -467,7 +550,7 @@ module ActionDispatch
   #         end
   #
   #         def speak(room, message)
-  #           xml_http_request "/say/#{room.id}", message: message
+  #           post "/say/#{room.id}", xhr: true, params: { message: message }
   #           assert(...)
   #           ...
   #         end
@@ -477,12 +560,91 @@ module ActionDispatch
   #         open_session do |sess|
   #           sess.extend(CustomAssertions)
   #           who = people(who)
-  #           sess.post "/login", username: who.username,
-  #             password: who.password
+  #           sess.post "/login", params: { username: who.username,
+  #             password: who.password }
   #           assert(...)
   #         end
   #       end
   #   end
+  #
+  # Another longer example would be:
+  #
+  # A simple integration test that exercises multiple controllers:
+  #
+  #   require 'test_helper'
+  #
+  #   class UserFlowsTest < ActionDispatch::IntegrationTest
+  #     test "login and browse site" do
+  #       # login via https
+  #       https!
+  #       get "/login"
+  #       assert_response :success
+  #
+  #       post "/login", params: { username: users(:david).username, password: users(:david).password }
+  #       follow_redirect!
+  #       assert_equal '/welcome', path
+  #       assert_equal 'Welcome david!', flash[:notice]
+  #
+  #       https!(false)
+  #       get "/articles/all"
+  #       assert_response :success
+  #       assert_select 'h1', 'Articles'
+  #     end
+  #   end
+  #
+  # As you can see the integration test involves multiple controllers and
+  # exercises the entire stack from database to dispatcher. In addition you can
+  # have multiple session instances open simultaneously in a test and extend
+  # those instances with assertion methods to create a very powerful testing
+  # DSL (domain-specific language) just for your application.
+  #
+  # Here's an example of multiple sessions and custom DSL in an integration test
+  #
+  #   require 'test_helper'
+  #
+  #   class UserFlowsTest < ActionDispatch::IntegrationTest
+  #     test "login and browse site" do
+  #       # User david logs in
+  #       david = login(:david)
+  #       # User guest logs in
+  #       guest = login(:guest)
+  #
+  #       # Both are now available in different sessions
+  #       assert_equal 'Welcome david!', david.flash[:notice]
+  #       assert_equal 'Welcome guest!', guest.flash[:notice]
+  #
+  #       # User david can browse site
+  #       david.browses_site
+  #       # User guest can browse site as well
+  #       guest.browses_site
+  #
+  #       # Continue with other assertions
+  #     end
+  #
+  #     private
+  #
+  #       module CustomDsl
+  #         def browses_site
+  #           get "/products/all"
+  #           assert_response :success
+  #           assert_select 'h1', 'Products'
+  #         end
+  #       end
+  #
+  #       def login(user)
+  #         open_session do |sess|
+  #           sess.extend(CustomDsl)
+  #           u = users(user)
+  #           sess.https!
+  #           sess.post "/login", params: { username: u.username, password: u.password }
+  #           assert_equal '/welcome', sess.path
+  #           sess.https!(false)
+  #         end
+  #       end
+  #   end
+  #
+  # Consult the Rails Testing Guide for more.
+
   class IntegrationTest < ActiveSupport::TestCase
     include Integration::Runner
     include ActionController::TemplateAssertions
@@ -503,7 +665,6 @@ module ActionDispatch
     end
 
     def url_options
-      reset! unless integration_session
       integration_session.url_options
     end