RubyGems - actionpack - Versions diffs - 4.2.11.3 → 5.0.7.2 - Mend

actionpack 4.2.11.3 → 5.0.7.2

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (136) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +890 -384
data/MIT-LICENSE +1 -1
data/README.rdoc +2 -3
data/lib/abstract_controller/base.rb +28 -38
data/lib/{action_controller → abstract_controller}/caching/fragments.rb +51 -11
data/lib/abstract_controller/caching.rb +62 -0
data/lib/abstract_controller/callbacks.rb +54 -19
data/lib/abstract_controller/collector.rb +4 -9
data/lib/abstract_controller/error.rb +4 -0
data/lib/abstract_controller/helpers.rb +4 -3
data/lib/abstract_controller/railties/routes_helpers.rb +2 -2
data/lib/abstract_controller/rendering.rb +28 -18
data/lib/abstract_controller/translation.rb +8 -7
data/lib/abstract_controller.rb +6 -2
data/lib/action_controller/api/api_rendering.rb +14 -0
data/lib/action_controller/api.rb +147 -0
data/lib/action_controller/base.rb +14 -11
data/lib/action_controller/caching.rb +13 -58
data/lib/action_controller/form_builder.rb +48 -0
data/lib/action_controller/log_subscriber.rb +3 -10
data/lib/action_controller/metal/basic_implicit_render.rb +11 -0
data/lib/action_controller/metal/conditional_get.rb +106 -34
data/lib/action_controller/metal/cookies.rb +1 -3
data/lib/action_controller/metal/data_streaming.rb +14 -34
data/lib/action_controller/metal/etag_with_template_digest.rb +8 -2
data/lib/action_controller/metal/exceptions.rb +11 -6
data/lib/action_controller/metal/force_ssl.rb +11 -11
data/lib/action_controller/metal/head.rb +14 -8
data/lib/action_controller/metal/helpers.rb +15 -6
data/lib/action_controller/metal/http_authentication.rb +44 -35
data/lib/action_controller/metal/implicit_render.rb +61 -6
data/lib/action_controller/metal/instrumentation.rb +5 -5
data/lib/action_controller/metal/live.rb +71 -88
data/lib/action_controller/metal/mime_responds.rb +27 -42
data/lib/action_controller/metal/params_wrapper.rb +9 -9
data/lib/action_controller/metal/redirecting.rb +32 -9
data/lib/action_controller/metal/renderers.rb +83 -40
data/lib/action_controller/metal/rendering.rb +38 -6
data/lib/action_controller/metal/request_forgery_protection.rb +126 -48
data/lib/action_controller/metal/rescue.rb +3 -12
data/lib/action_controller/metal/streaming.rb +4 -4
data/lib/action_controller/metal/strong_parameters.rb +527 -134
data/lib/action_controller/metal/testing.rb +1 -12
data/lib/action_controller/metal/url_for.rb +12 -5
data/lib/action_controller/metal.rb +88 -63
data/lib/action_controller/railtie.rb +11 -7
data/lib/action_controller/renderer.rb +113 -0
data/lib/action_controller/template_assertions.rb +9 -0
data/lib/action_controller/test_case.rb +311 -374
data/lib/action_controller.rb +12 -9
data/lib/action_dispatch/http/cache.rb +73 -34
data/lib/action_dispatch/http/filter_parameters.rb +16 -12
data/lib/action_dispatch/http/filter_redirect.rb +7 -8
data/lib/action_dispatch/http/headers.rb +45 -14
data/lib/action_dispatch/http/mime_negotiation.rb +42 -23
data/lib/action_dispatch/http/mime_type.rb +126 -90
data/lib/action_dispatch/http/mime_types.rb +3 -4
data/lib/action_dispatch/http/parameter_filter.rb +19 -9
data/lib/action_dispatch/http/parameters.rb +70 -40
data/lib/action_dispatch/http/request.rb +144 -89
data/lib/action_dispatch/http/response.rb +215 -102
data/lib/action_dispatch/http/upload.rb +6 -2
data/lib/action_dispatch/http/url.rb +117 -8
data/lib/action_dispatch/journey/formatter.rb +47 -30
data/lib/action_dispatch/journey/gtg/transition_table.rb +1 -1
data/lib/action_dispatch/journey/nfa/dot.rb +0 -2
data/lib/action_dispatch/journey/nfa/transition_table.rb +1 -46
data/lib/action_dispatch/journey/nodes/node.rb +14 -4
data/lib/action_dispatch/journey/parser.rb +2 -0
data/lib/action_dispatch/journey/parser_extras.rb +8 -2
data/lib/action_dispatch/journey/path/pattern.rb +38 -42
data/lib/action_dispatch/journey/route.rb +88 -26
data/lib/action_dispatch/journey/router/utils.rb +5 -5
data/lib/action_dispatch/journey/router.rb +8 -10
data/lib/action_dispatch/journey/routes.rb +14 -15
data/lib/action_dispatch/journey/visitors.rb +89 -44
data/lib/action_dispatch/middleware/callbacks.rb +10 -1
data/lib/action_dispatch/middleware/cookies.rb +188 -134
data/lib/action_dispatch/middleware/debug_exceptions.rb +128 -49
data/lib/action_dispatch/middleware/debug_locks.rb +122 -0
data/lib/action_dispatch/middleware/exception_wrapper.rb +21 -21
data/lib/action_dispatch/middleware/executor.rb +19 -0
data/lib/action_dispatch/middleware/flash.rb +66 -45
data/lib/action_dispatch/middleware/params_parser.rb +32 -46
data/lib/action_dispatch/middleware/public_exceptions.rb +2 -2
data/lib/action_dispatch/middleware/reloader.rb +14 -58
data/lib/action_dispatch/middleware/remote_ip.rb +29 -19
data/lib/action_dispatch/middleware/request_id.rb +11 -6
data/lib/action_dispatch/middleware/session/abstract_store.rb +23 -11
data/lib/action_dispatch/middleware/session/cache_store.rb +9 -6
data/lib/action_dispatch/middleware/session/cookie_store.rb +30 -24
data/lib/action_dispatch/middleware/session/mem_cache_store.rb +4 -0
data/lib/action_dispatch/middleware/show_exceptions.rb +11 -9
data/lib/action_dispatch/middleware/ssl.rb +124 -36
data/lib/action_dispatch/middleware/stack.rb +44 -40
data/lib/action_dispatch/middleware/static.rb +51 -35
data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +2 -14
data/lib/action_dispatch/middleware/templates/rescues/_source.text.erb +8 -0
data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/template_error.text.erb +1 -1
data/lib/action_dispatch/middleware/templates/routes/_route.html.erb +4 -4
data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +59 -63
data/lib/action_dispatch/railtie.rb +2 -2
data/lib/action_dispatch/request/session.rb +69 -33
data/lib/action_dispatch/request/utils.rb +51 -19
data/lib/action_dispatch/routing/inspector.rb +32 -43
data/lib/action_dispatch/routing/mapper.rb +515 -348
data/lib/action_dispatch/routing/polymorphic_routes.rb +8 -14
data/lib/action_dispatch/routing/redirection.rb +5 -4
data/lib/action_dispatch/routing/route_set.rb +148 -240
data/lib/action_dispatch/routing/url_for.rb +27 -10
data/lib/action_dispatch/routing.rb +17 -13
data/lib/action_dispatch/testing/assertion_response.rb +45 -0
data/lib/action_dispatch/testing/assertions/response.rb +38 -20
data/lib/action_dispatch/testing/assertions/routing.rb +16 -12
data/lib/action_dispatch/testing/assertions.rb +1 -1
data/lib/action_dispatch/testing/integration.rb +377 -149
data/lib/action_dispatch/testing/request_encoder.rb +53 -0
data/lib/action_dispatch/testing/test_process.rb +24 -20
data/lib/action_dispatch/testing/test_request.rb +22 -31
data/lib/action_dispatch/testing/test_response.rb +12 -4
data/lib/action_dispatch.rb +4 -1
data/lib/action_pack/gem_version.rb +4 -4
data/lib/action_pack.rb +1 -1
metadata +32 -34
data/lib/action_controller/metal/hide_actions.rb +0 -40
data/lib/action_controller/metal/rack_delegation.rb +0 -32
data/lib/action_controller/middleware.rb +0 -39
data/lib/action_controller/model_naming.rb +0 -12
data/lib/action_dispatch/journey/backwards.rb +0 -5
data/lib/action_dispatch/journey/router/strexp.rb +0 -27
data/lib/action_dispatch/testing/assertions/dom.rb +0 -3
data/lib/action_dispatch/testing/assertions/selector.rb +0 -3
data/lib/action_dispatch/testing/assertions/tag.rb +0 -3
/data/lib/action_dispatch/middleware/templates/rescues/{_source.erb → _source.html.erb} +0 -0

data/lib/action_dispatch/http/mime_type.rb CHANGED Viewed

@@ -1,23 +1,33 @@
-require 'set'
+# -*- frozen-string-literal: true -*-
 require 'singleton'
 require 'active_support/core_ext/module/attribute_accessors'
 require 'active_support/core_ext/string/starts_ends_with'
 module Mime
-  class Mimes < Array
-    def symbols
-      @symbols ||= map { |m| m.to_sym }
+  class Mimes
+    include Enumerable
+    def initialize
+      @mimes = []
+      @symbols = nil
     end
-    %w(<< concat shift unshift push pop []= clear compact! collect!
-    delete delete_at delete_if flatten! map! insert reject! reverse!
-    replace slice! sort! uniq!).each do |method|
-      module_eval <<-CODE, __FILE__, __LINE__ + 1
-        def #{method}(*)
-          @symbols = nil
-          super
-        end
-      CODE
+    def each
+      @mimes.each { |x| yield x }
+    end
+    def <<(type)
+      @mimes << type
+      @symbols = nil
+    end
+    def delete_if
+      @mimes.delete_if { |x| yield x }.tap { @symbols = nil }
+    end
+    def symbols
+      @symbols ||= map(&:to_sym)
     end
   end
@@ -35,6 +45,32 @@ module Mime
       return type if type.is_a?(Type)
       EXTENSION_LOOKUP.fetch(type.to_s) { |k| yield k }
     end
+    def const_missing(sym)
+      ext = sym.downcase
+      if Mime[ext]
+        ActiveSupport::Deprecation.warn(<<-MSG.squish)
+          Accessing mime types via constants is deprecated.
+          Please change `Mime::#{sym}` to `Mime[:#{ext}]`.
+        MSG
+        Mime[ext]
+      else
+        super
+      end
+    end
+    def const_defined?(sym, inherit = true)
+      ext = sym.downcase
+      if Mime[ext]
+        ActiveSupport::Deprecation.warn(<<-MSG.squish)
+          Accessing mime types via constants is deprecated.
+          Please change `Mime.const_defined?(#{sym})` to `Mime[:#{ext}]`.
+        MSG
+        true
+      else
+        super
+      end
+    end
   end
   # Encapsulates the notion of a mime type. Can be used at render time, for example, with:
@@ -45,15 +81,12 @@ module Mime
   #
   #       respond_to do |format|
   #         format.html
-  #         format.ics { render text: @post.to_ics, mime_type: Mime::Type["text/calendar"]  }
+  #         format.ics { render body: @post.to_ics, mime_type: Mime::Type.lookup("text/calendar")  }
   #         format.xml { render xml: @post }
   #       end
   #     end
   #   end
   class Type
-    @@html_types = Set.new [:html, :all]
-    cattr_reader :html_types
     attr_reader :symbol
     @register_callbacks = []
@@ -66,7 +99,7 @@ module Mime
       def initialize(index, name, q = nil)
         @index = index
         @name = name
-        q ||= 0.0 if @name == Mime::ALL.to_s # default wildcard match to end of list
+        q ||= 0.0 if @name == '*/*'.freeze # default wildcard match to end of list
         @q = ((q || 1.0).to_f * 100).to_i
       end
@@ -75,70 +108,58 @@ module Mime
         result = @index <=> item.index if result == 0
         result
       end
-      def ==(item)
-        @name == item.to_s
-      end
     end
-    class AcceptList < Array #:nodoc:
-      def assort!
-        sort!
+    class AcceptList #:nodoc:
+      def self.sort!(list)
+        list.sort!
+        text_xml_idx = find_item_by_name list, 'text/xml'
+        app_xml_idx = find_item_by_name list, Mime[:xml].to_s
         # Take care of the broken text/xml entry by renaming or deleting it
         if text_xml_idx && app_xml_idx
+          app_xml = list[app_xml_idx]
+          text_xml = list[text_xml_idx]
           app_xml.q = [text_xml.q, app_xml.q].max # set the q value to the max of the two
-          exchange_xml_items if app_xml_idx > text_xml_idx  # make sure app_xml is ahead of text_xml in the list
-          delete_at(text_xml_idx)                 # delete text_xml from the list
+          if app_xml_idx > text_xml_idx  # make sure app_xml is ahead of text_xml in the list
+            list[app_xml_idx], list[text_xml_idx] = text_xml, app_xml
+            app_xml_idx, text_xml_idx = text_xml_idx, app_xml_idx
+          end
+          list.delete_at(text_xml_idx)                 # delete text_xml from the list
         elsif text_xml_idx
-          text_xml.name = Mime::XML.to_s
+          list[text_xml_idx].name = Mime[:xml].to_s
         end
         # Look for more specific XML-based types and sort them ahead of app/xml
         if app_xml_idx
+          app_xml = list[app_xml_idx]
           idx = app_xml_idx
-          while idx < length
-            type = self[idx]
+          while idx < list.length
+            type = list[idx]
             break if type.q < app_xml.q
             if type.name.ends_with? '+xml'
-              self[app_xml_idx], self[idx] = self[idx], app_xml
-              @app_xml_idx = idx
+              list[app_xml_idx], list[idx] = list[idx], app_xml
+              app_xml_idx = idx
             end
             idx += 1
           end
         end
-        map! { |i| Mime::Type.lookup(i.name) }.uniq!
-        to_a
+        list.map! { |i| Mime::Type.lookup(i.name) }.uniq!
+        list
       end
-      private
-        def text_xml_idx
-          @text_xml_idx ||= index('text/xml')
-        end
-        def app_xml_idx
-          @app_xml_idx ||= index(Mime::XML.to_s)
-        end
-        def text_xml
-          self[text_xml_idx]
-        end
-        def app_xml
-          self[app_xml_idx]
-        end
-        def exchange_xml_items
-          self[app_xml_idx], self[text_xml_idx] = text_xml, app_xml
-          @app_xml_idx, @text_xml_idx = text_xml_idx, app_xml_idx
-        end
+      def self.find_item_by_name(array, name)
+        array.index { |item| item.name == name }
+      end
     end
     class << self
-      TRAILING_STAR_REGEXP = /(text|application)\/\*/
+      TRAILING_STAR_REGEXP = /^(text|application)\/\*/
       PARAMETER_SEPARATOR_REGEXP = /;\s*\w+="?\w+"?/
       def register_callback(&block)
@@ -160,17 +181,17 @@ module Mime
       end
       def register(string, symbol, mime_type_synonyms = [], extension_synonyms = [], skip_lookup = false)
-        Mime.const_set(symbol.upcase, Type.new(string, symbol, mime_type_synonyms))
+        new_mime = Type.new(string, symbol, mime_type_synonyms)
-        new_mime = Mime.const_get(symbol.upcase)
         SET << new_mime
-        ([string] + mime_type_synonyms).each { |str| LOOKUP[str] = SET.last } unless skip_lookup
-        ([symbol] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext.to_s] = SET.last }
+        ([string] + mime_type_synonyms).each { |str| LOOKUP[str] = new_mime } unless skip_lookup
+        ([symbol] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext.to_s] = new_mime }
         @register_callbacks.each do |callback|
           callback.call(new_mime)
         end
+        new_mime
       end
       def parse(accept_header)
@@ -178,21 +199,22 @@ module Mime
           accept_header = accept_header.split(PARAMETER_SEPARATOR_REGEXP).first
           parse_trailing_star(accept_header) || [Mime::Type.lookup(accept_header)].compact
         else
-          list, index = AcceptList.new, 0
+          list, index = [], 0
           accept_header.split(',').each do |header|
             params, q = header.split(PARAMETER_SEPARATOR_REGEXP)
-            if params.present?
-              params.strip!
-              params = parse_trailing_star(params) || [params]
+            next unless params
+            params.strip!
+            next if params.empty?
-              params.each do |m|
-                list << AcceptItem.new(index, m.to_s, q)
-                index += 1
-              end
+            params = parse_trailing_star(params) || [params]
+            params.each do |m|
+              list << AcceptItem.new(index, m.to_s, q)
+              index += 1
             end
           end
-          list.assort!
+          AcceptList.sort! list
         end
       end
@@ -200,28 +222,27 @@ module Mime
         parse_data_with_trailing_star($1) if accept_header =~ TRAILING_STAR_REGEXP
       end
-      # For an input of <tt>'text'</tt>, returns <tt>[Mime::JSON, Mime::XML, Mime::ICS,
-      # Mime::HTML, Mime::CSS, Mime::CSV, Mime::JS, Mime::YAML, Mime::TEXT]</tt>.
+      # For an input of <tt>'text'</tt>, returns <tt>[Mime[:json], Mime[:xml], Mime[:ics],
+      # Mime[:html], Mime[:css], Mime[:csv], Mime[:js], Mime[:yaml], Mime[:text]</tt>.
       #
-      # For an input of <tt>'application'</tt>, returns <tt>[Mime::HTML, Mime::JS,
-      # Mime::XML, Mime::YAML, Mime::ATOM, Mime::JSON, Mime::RSS, Mime::URL_ENCODED_FORM]</tt>.
-      def parse_data_with_trailing_star(input)
-        Mime::SET.select { |m| m =~ input }
+      # For an input of <tt>'application'</tt>, returns <tt>[Mime[:html], Mime[:js],
+      # Mime[:xml], Mime[:yaml], Mime[:atom], Mime[:json], Mime[:rss], Mime[:url_encoded_form]</tt>.
+      def parse_data_with_trailing_star(type)
+        Mime::SET.select { |m| m =~ type }
       end
       # This method is opposite of register method.
       #
-      # Usage:
+      # To unregister a MIME type:
       #
       #   Mime::Type.unregister(:mobile)
       def unregister(symbol)
-        symbol = symbol.upcase
-        mime = Mime.const_get(symbol)
-        Mime.instance_eval { remove_const(symbol) }
-        SET.delete_if { |v| v.eql?(mime) }
-        LOOKUP.delete_if { |_,v| v.eql?(mime) }
-        EXTENSION_LOOKUP.delete_if { |_,v| v.eql?(mime) }
+        symbol = symbol.downcase
+        if mime = Mime[symbol]
+          SET.delete_if { |v| v.eql?(mime) }
+          LOOKUP.delete_if { |_, v| v.eql?(mime) }
+          EXTENSION_LOOKUP.delete_if { |_, v| v.eql?(mime) }
+        end
       end
     end
@@ -246,7 +267,7 @@ module Mime
     end
     def ref
-      to_sym || to_s
+      symbol || to_s
     end
     def ===(list)
@@ -258,7 +279,7 @@ module Mime
     end
     def ==(mime_type)
-      return false if mime_type.blank?
+      return false unless mime_type
       (@synonyms + [ self ]).any? do |synonym|
         synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym
       end
@@ -272,17 +293,16 @@ module Mime
     end
     def =~(mime_type)
-      return false if mime_type.blank?
+      return false unless mime_type
       regexp = Regexp.new(Regexp.quote(mime_type.to_s))
-      (@synonyms + [ self ]).any? do |synonym|
-        synonym.to_s =~ regexp
-      end
+      @synonyms.any? { |synonym| synonym.to_s =~ regexp } || @string =~ regexp
     end
     def html?
-      @@html_types.include?(to_sym) || @string =~ /html/
+      symbol == :html || @string =~ /html/
     end
+    def all?; false; end
     protected
@@ -306,6 +326,22 @@ module Mime
     end
   end
+  class AllType < Type
+    include Singleton
+    def initialize
+      super '*/*', :all
+    end
+    def all?; true; end
+    def html?; true; end
+  end
+  # ALL isn't a real MIME type, so we don't register it for lookup with the
+  # other concrete types. It's a wildcard match that we use for `respond_to`
+  # negotiation internals.
+  ALL = AllType.instance
   class NullType
     include Singleton

data/lib/action_dispatch/http/mime_types.rb CHANGED Viewed

@@ -14,13 +14,14 @@ Mime::Type.register "image/jpeg", :jpeg, [], %w(jpg jpeg jpe pjpeg)
 Mime::Type.register "image/gif", :gif, [], %w(gif)
 Mime::Type.register "image/bmp", :bmp, [], %w(bmp)
 Mime::Type.register "image/tiff", :tiff, [], %w(tif tiff)
+Mime::Type.register "image/svg+xml", :svg
 Mime::Type.register "video/mpeg", :mpeg, [], %w(mpg mpeg mpe)
 Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml )
 Mime::Type.register "application/rss+xml", :rss
 Mime::Type.register "application/atom+xml", :atom
-Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml )
+Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml ), %w(yml yaml)
 Mime::Type.register "multipart/form-data", :multipart_form
 Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form
@@ -31,6 +32,4 @@ Mime::Type.register "application/json", :json, %w( text/x-json application/jsonr
 Mime::Type.register "application/pdf", :pdf, [], %w(pdf)
 Mime::Type.register "application/zip", :zip, [], %w(zip)
-# Create Mime::ALL but do not add it to the SET.
-Mime::ALL = Mime::Type.new("*/*", :all, [])
+Mime::Type.register "application/gzip", :gzip, %w(application/x-gzip), %w(gz)

data/lib/action_dispatch/http/parameter_filter.rb CHANGED Viewed

@@ -30,36 +30,46 @@ module ActionDispatch
             when Regexp
               regexps << item
             else
-              strings << item.to_s
+              strings << Regexp.escape(item.to_s)
             end
           end
-          regexps << Regexp.new(strings.join('|'), true) unless strings.empty?
-          new regexps, blocks
+          deep_regexps, regexps = regexps.partition { |r| r.to_s.include?("\\.".freeze) }
+          deep_strings, strings = strings.partition { |s| s.include?("\\.".freeze) }
+          regexps << Regexp.new(strings.join('|'.freeze), true) unless strings.empty?
+          deep_regexps << Regexp.new(deep_strings.join('|'.freeze), true) unless deep_strings.empty?
+          new regexps, deep_regexps, blocks
         end
-        attr_reader :regexps, :blocks
+        attr_reader :regexps, :deep_regexps, :blocks
-        def initialize(regexps, blocks)
+        def initialize(regexps, deep_regexps, blocks)
           @regexps = regexps
+          @deep_regexps = deep_regexps.any? ? deep_regexps : nil
           @blocks  = blocks
         end
-        def call(original_params)
-          filtered_params = {}
+        def call(original_params, parents = [])
+          filtered_params = original_params.class.new
           original_params.each do |key, value|
+            parents.push(key) if deep_regexps
             if regexps.any? { |r| key =~ r }
               value = FILTERED
+            elsif deep_regexps && (joined = parents.join('.')) && deep_regexps.any? { |r| joined =~ r }
+              value = FILTERED
             elsif value.is_a?(Hash)
-              value = call(value)
+              value = call(value, parents)
             elsif value.is_a?(Array)
-              value = value.map { |v| v.is_a?(Hash) ? call(v) : v }
+              value = value.map { |v| v.is_a?(Hash) ? call(v, parents) : v }
             elsif blocks.any?
               key = key.dup if key.duplicable?
               value = value.dup if value.duplicable?
               blocks.each { |b| b.call(key, value) }
             end
+            parents.pop if deep_regexps
             filtered_params[key] = value
           end

data/lib/action_dispatch/http/parameters.rb CHANGED Viewed

@@ -1,35 +1,67 @@
-require 'active_support/core_ext/hash/keys'
-require 'active_support/core_ext/hash/indifferent_access'
-require 'active_support/deprecation'
 module ActionDispatch
   module Http
     module Parameters
+      extend ActiveSupport::Concern
       PARAMETERS_KEY = 'action_dispatch.request.path_parameters'
+      DEFAULT_PARSERS = {
+        Mime[:json].symbol => -> (raw_post) {
+          data = ActiveSupport::JSON.decode(raw_post)
+          data.is_a?(Hash) ? data : {:_json => data}
+        }
+      }
+      included do
+        class << self
+          # Returns the parameter parsers.
+          attr_reader :parameter_parsers
+        end
+        self.parameter_parsers = DEFAULT_PARSERS
+      end
+      module ClassMethods
+        # Configure the parameter parser for a give mime type.
+        #
+        # It accepts a hash where the key is the symbol of the mime type
+        # and the value is a proc.
+        #
+        #     original_parsers = ActionDispatch::Request.parameter_parsers
+        #     xml_parser = -> (raw_post) { Hash.from_xml(raw_post) || {} }
+        #     new_parsers = original_parsers.merge(xml: xml_parser)
+        #     ActionDispatch::Request.parameter_parsers = new_parsers
+        def parameter_parsers=(parsers)
+          @parameter_parsers = parsers.transform_keys { |key| key.respond_to?(:symbol) ? key.symbol : key }
+        end
+      end
       # Returns both GET and POST \parameters in a single hash.
       def parameters
-        @env["action_dispatch.request.parameters"] ||= begin
-          params = begin
-            request_parameters.merge(query_parameters)
-          rescue EOFError
-            query_parameters.dup
-          end
-          params.merge!(path_parameters)
-        end
+        params = get_header("action_dispatch.request.parameters")
+        return params if params
+        params = begin
+                   request_parameters.merge(query_parameters)
+                 rescue EOFError
+                   query_parameters.dup
+                 end
+        params.merge!(path_parameters)
+        set_header("action_dispatch.request.parameters", params)
+        params
       end
       alias :params :parameters
       def path_parameters=(parameters) #:nodoc:
-        @env.delete('action_dispatch.request.parameters')
-        @env[PARAMETERS_KEY] = parameters
-      end
+        delete_header('action_dispatch.request.parameters')
-      def symbolized_path_parameters
-        ActiveSupport::Deprecation.warn(
-          '`symbolized_path_parameters` is deprecated. Please use `path_parameters`.'
-        )
-        path_parameters
+        # If any of the path parameters has an invalid encoding then
+        # raise since it's likely to trigger errors further on.
+        Request::Utils.check_param_encoding(parameters)
+        set_header PARAMETERS_KEY, parameters
+      rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
+        raise ActionController::BadRequest.new("Invalid path parameters: #{e.message}")
       end
       # Returns a hash with the \parameters used to form the \path of the request.
@@ -37,31 +69,29 @@ module ActionDispatch
       #
       #   {'action' => 'my_action', 'controller' => 'my_controller'}
       def path_parameters
-        @env[PARAMETERS_KEY] ||= {}
+        get_header(PARAMETERS_KEY) || set_header(PARAMETERS_KEY, {})
       end
-    private
+      private
-      # Convert nested Hash to HashWithIndifferentAccess.
-      #
-      def normalize_encode_params(params)
-        case params
-        when Hash
-          if params.has_key?(:tempfile)
-            UploadedFile.new(params)
-          else
-            params.each_with_object({}) do |(key, val), new_hash|
-              new_hash[key] = if val.is_a?(Array)
-                val.map! { |el| normalize_encode_params(el) }
-              else
-                normalize_encode_params(val)
-              end
-            end.with_indifferent_access
-          end
-        else
-          params
+      def parse_formatted_parameters(parsers)
+        return yield if content_length.zero? || content_mime_type.nil?
+        strategy = parsers.fetch(content_mime_type.symbol) { return yield }
+        begin
+          strategy.call(raw_post)
+        rescue # JSON or Ruby code block errors
+          my_logger = logger || ActiveSupport::Logger.new($stderr)
+          my_logger.debug "Error occurred while parsing request parameters.\nContents:\n\n#{raw_post}"
+          raise ParamsParser::ParseError
         end
       end
+      def params_parsers
+        ActionDispatch::Request.parameter_parsers
+      end
     end
   end
 end