RubyGems - actionpack - Versions diffs - 5.2.8.1 → 6.1.6.1 - Mend

actionpack 5.2.8.1 → 6.1.6.1

Potentially problematic release.

This version of actionpack might be problematic. Click here for more details.

Files changed (155) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +383 -346
data/MIT-LICENSE +1 -2
data/README.rdoc +4 -3
data/lib/abstract_controller/base.rb +38 -4
data/lib/abstract_controller/caching/fragments.rb +6 -22
data/lib/abstract_controller/caching.rb +1 -1
data/lib/abstract_controller/callbacks.rb +14 -2
data/lib/abstract_controller/collector.rb +5 -4
data/lib/abstract_controller/helpers.rb +106 -90
data/lib/abstract_controller/railties/routes_helpers.rb +17 -1
data/lib/abstract_controller/rendering.rb +9 -9
data/lib/abstract_controller/translation.rb +11 -5
data/lib/abstract_controller.rb +1 -0
data/lib/action_controller/api.rb +4 -3
data/lib/action_controller/base.rb +6 -9
data/lib/action_controller/caching.rb +1 -3
data/lib/action_controller/log_subscriber.rb +10 -7
data/lib/action_controller/metal/basic_implicit_render.rb +1 -1
data/lib/action_controller/metal/conditional_get.rb +19 -5
data/lib/action_controller/metal/content_security_policy.rb +1 -2
data/lib/action_controller/metal/cookies.rb +3 -1
data/lib/action_controller/metal/data_streaming.rb +6 -7
data/lib/action_controller/metal/default_headers.rb +17 -0
data/lib/action_controller/metal/etag_with_template_digest.rb +4 -6
data/lib/action_controller/metal/exceptions.rb +56 -2
data/lib/action_controller/metal/flash.rb +5 -5
data/lib/action_controller/metal/head.rb +7 -4
data/lib/action_controller/metal/helpers.rb +14 -5
data/lib/action_controller/metal/http_authentication.rb +25 -23
data/lib/action_controller/metal/implicit_render.rb +5 -15
data/lib/action_controller/metal/instrumentation.rb +13 -14
data/lib/action_controller/metal/live.rb +39 -32
data/lib/action_controller/metal/logging.rb +20 -0
data/lib/action_controller/metal/mime_responds.rb +19 -4
data/lib/action_controller/metal/parameter_encoding.rb +35 -4
data/lib/action_controller/metal/params_wrapper.rb +32 -22
data/lib/action_controller/metal/permissions_policy.rb +46 -0
data/lib/action_controller/metal/redirecting.rb +6 -6
data/lib/action_controller/metal/renderers.rb +4 -4
data/lib/action_controller/metal/rendering.rb +8 -3
data/lib/action_controller/metal/request_forgery_protection.rb +26 -49
data/lib/action_controller/metal/rescue.rb +1 -1
data/lib/action_controller/metal/streaming.rb +0 -1
data/lib/action_controller/metal/strong_parameters.rb +168 -59
data/lib/action_controller/metal/url_for.rb +1 -1
data/lib/action_controller/metal.rb +10 -8
data/lib/action_controller/railties/helpers.rb +1 -1
data/lib/action_controller/renderer.rb +37 -13
data/lib/action_controller/template_assertions.rb +1 -1
data/lib/action_controller/test_case.rb +71 -63
data/lib/action_controller.rb +7 -4
data/lib/action_dispatch/http/cache.rb +31 -27
data/lib/action_dispatch/http/content_disposition.rb +45 -0
data/lib/action_dispatch/http/content_security_policy.rb +34 -18
data/lib/action_dispatch/http/filter_parameters.rb +9 -8
data/lib/action_dispatch/http/filter_redirect.rb +2 -3
data/lib/action_dispatch/http/headers.rb +4 -4
data/lib/action_dispatch/http/mime_negotiation.rb +26 -13
data/lib/action_dispatch/http/mime_type.rb +43 -24
data/lib/action_dispatch/http/parameters.rb +14 -23
data/lib/action_dispatch/http/permissions_policy.rb +173 -0
data/lib/action_dispatch/http/request.rb +45 -22
data/lib/action_dispatch/http/response.rb +45 -25
data/lib/action_dispatch/http/upload.rb +9 -1
data/lib/action_dispatch/http/url.rb +82 -82
data/lib/action_dispatch/journey/formatter.rb +55 -31
data/lib/action_dispatch/journey/gtg/builder.rb +22 -37
data/lib/action_dispatch/journey/gtg/simulator.rb +8 -7
data/lib/action_dispatch/journey/gtg/transition_table.rb +6 -5
data/lib/action_dispatch/journey/nfa/dot.rb +0 -11
data/lib/action_dispatch/journey/nodes/node.rb +13 -11
data/lib/action_dispatch/journey/parser.rb +13 -13
data/lib/action_dispatch/journey/parser.y +1 -1
data/lib/action_dispatch/journey/path/pattern.rb +19 -21
data/lib/action_dispatch/journey/route.rb +10 -20
data/lib/action_dispatch/journey/router/utils.rb +14 -12
data/lib/action_dispatch/journey/router.rb +26 -34
data/lib/action_dispatch/journey/routes.rb +0 -2
data/lib/action_dispatch/journey/scanner.rb +10 -4
data/lib/action_dispatch/journey/visitors.rb +1 -4
data/lib/action_dispatch/journey.rb +0 -2
data/lib/action_dispatch/middleware/actionable_exceptions.rb +46 -0
data/lib/action_dispatch/middleware/callbacks.rb +2 -4
data/lib/action_dispatch/middleware/cookies.rb +128 -109
data/lib/action_dispatch/middleware/debug_exceptions.rb +43 -66
data/lib/action_dispatch/middleware/debug_locks.rb +5 -5
data/lib/action_dispatch/middleware/debug_view.rb +66 -0
data/lib/action_dispatch/middleware/exception_wrapper.rb +75 -30
data/lib/action_dispatch/middleware/flash.rb +1 -1
data/lib/action_dispatch/middleware/host_authorization.rb +170 -0
data/lib/action_dispatch/middleware/public_exceptions.rb +6 -3
data/lib/action_dispatch/middleware/remote_ip.rb +14 -16
data/lib/action_dispatch/middleware/request_id.rb +5 -6
data/lib/action_dispatch/middleware/session/abstract_store.rb +2 -3
data/lib/action_dispatch/middleware/session/cookie_store.rb +3 -9
data/lib/action_dispatch/middleware/show_exceptions.rb +13 -2
data/lib/action_dispatch/middleware/ssl.rb +20 -15
data/lib/action_dispatch/middleware/stack.rb +56 -2
data/lib/action_dispatch/middleware/static.rb +153 -93
data/lib/action_dispatch/middleware/templates/rescues/_actions.html.erb +13 -0
data/lib/action_dispatch/middleware/templates/rescues/_actions.text.erb +0 -0
data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +22 -0
data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +3 -1
data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/_source.html.erb +4 -2
data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb +45 -35
data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +7 -0
data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb +5 -0
data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +23 -4
data/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +6 -3
data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +4 -1
data/lib/action_dispatch/middleware/templates/rescues/layout.erb +104 -8
data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +19 -0
data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.text.erb +3 -0
data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb +2 -2
data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb +1 -1
data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +2 -2
data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -1
data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +24 -1
data/lib/action_dispatch/railtie.rb +8 -2
data/lib/action_dispatch/request/session.rb +11 -10
data/lib/action_dispatch/request/utils.rb +26 -2
data/lib/action_dispatch/routing/inspector.rb +100 -52
data/lib/action_dispatch/routing/mapper.rb +155 -103
data/lib/action_dispatch/routing/polymorphic_routes.rb +13 -15
data/lib/action_dispatch/routing/redirection.rb +4 -4
data/lib/action_dispatch/routing/route_set.rb +71 -69
data/lib/action_dispatch/routing/url_for.rb +2 -2
data/lib/action_dispatch/routing.rb +21 -20
data/lib/action_dispatch/system_test_case.rb +60 -11
data/lib/action_dispatch/system_testing/browser.rb +53 -16
data/lib/action_dispatch/system_testing/driver.rb +11 -3
data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +49 -7
data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +8 -10
data/lib/action_dispatch/testing/assertion_response.rb +0 -1
data/lib/action_dispatch/testing/assertions/response.rb +4 -7
data/lib/action_dispatch/testing/assertions/routing.rb +20 -8
data/lib/action_dispatch/testing/assertions.rb +1 -1
data/lib/action_dispatch/testing/integration.rb +60 -28
data/lib/action_dispatch/testing/request_encoder.rb +2 -2
data/lib/action_dispatch/testing/test_process.rb +32 -4
data/lib/action_dispatch/testing/test_request.rb +3 -3
data/lib/action_dispatch/testing/test_response.rb +4 -32
data/lib/action_dispatch.rb +9 -3
data/lib/action_pack/gem_version.rb +3 -3
data/lib/action_pack.rb +1 -1
metadata +34 -21
data/lib/action_controller/metal/force_ssl.rb +0 -99
data/lib/action_dispatch/http/parameter_filter.rb +0 -86
data/lib/action_dispatch/journey/nfa/builder.rb +0 -78
data/lib/action_dispatch/journey/nfa/simulator.rb +0 -49
data/lib/action_dispatch/journey/nfa/transition_table.rb +0 -120
data/lib/action_dispatch/system_testing/test_helpers/undef_methods.rb +0 -26

data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb ADDED Viewed

@@ -0,0 +1,7 @@
+<header>
+  <h1>Blocked host: <%= @host %></h1>
+</header>
+<div id="container">
+  <h2>To allow requests to <%= @host %> make sure it is a valid hostname (containing only numbers, letters, dashes and dots), then add the following to your environment configuration:</h2>
+  <pre>config.hosts &lt;&lt; "<%= @host %>"</pre>
+</div>

data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb ADDED Viewed

@@ -0,0 +1,5 @@
+Blocked host: <%= @host %>
+To allow requests to <%= @host %> make sure it is a valid hostname (containing only numbers, letters, dashes and dots), then add the following to your environment configuration:
+  config.hosts << "<%= @host %>"

data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb CHANGED Viewed

@@ -1,16 +1,35 @@
 <header>
   <h1>
     <%= @exception.class.to_s %>
-    <% if @request.parameters['controller'] %>
+    <% if params_valid? && @request.parameters['controller'] %>
       in <%= @request.parameters['controller'].camelize %>Controller<% if @request.parameters['action'] %>#<%= @request.parameters['action'] %><% end %>
     <% end %>
   </h1>
 </header>
 <div id="container">
-  <h2><%= h @exception.message %></h2>
+  <%= render "rescues/message_and_suggestions", exception: @exception %>
+  <%= render "rescues/actions", exception: @exception, request: @request %>
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx, error_index: 0 %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show, error_index: 0 %>
+  <% if @exception.cause %>
+    <h2>Exception Causes</h2>
+  <% end %>
+  <% @exception_wrapper.wrapped_causes.each.with_index(1) do |wrapper, index| %>
+    <div class="details">
+      <a class="summary" href="#" style="color: #F0F0F0; text-decoration: none; background: #C52F24; border-bottom: none;" onclick="return toggle(<%= wrapper.exception.object_id %>)">
+        <%= wrapper.exception.class.name %>: <%= h wrapper.exception.message %>
+      </a>
+    </div>
+    <div id="<%= wrapper.exception.object_id %>" style="display: none;">
+      <%= render "rescues/source", source_extracts: wrapper.source_extracts, show_source_idx: wrapper.source_to_show_id, error_index: index %>
+      <%= render "rescues/trace", traces: wrapper.traces, trace_to_show: wrapper.trace_to_show, error_index: index %>
+    </div>
+  <% end %>
-  <%= render template: "rescues/_source" %>
-  <%= render template: "rescues/_trace" %>
   <%= render template: "rescues/_request_and_response" %>
 </div>

data/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb CHANGED Viewed

@@ -1,5 +1,5 @@
 <%= @exception.class.to_s %><%
-  if @request.parameters['controller']
+  if params_valid? && @request.parameters['controller']
 %> in <%= @request.parameters['controller'].camelize %>Controller<% if @request.parameters['action'] %>#<%= @request.parameters['action'] %><% end %>
 <% end %>

data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb CHANGED Viewed

@@ -10,12 +10,15 @@
 <div id="container">
   <h2>
     <%= h @exception.message %>
-    <% if %r{#{ActiveStorage::Blob.table_name}|#{ActiveStorage::Attachment.table_name}}.match?(@exception.message) %>
+    <% if defined?(ActiveStorage) && @exception.message.match?(%r{#{ActiveStorage::Blob.table_name}|#{ActiveStorage::Attachment.table_name}}) %>
       <br />To resolve this issue run: bin/rails active_storage:install
     <% end %>
+    <% if defined?(ActionMailbox) && @exception.message.match?(%r{#{ActionMailbox::InboundEmail.table_name}}) %>
+      <br />To resolve this issue run: bin/rails action_mailbox:install
+    <% end %>
   </h2>
-  <%= render template: "rescues/_source" %>
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
   <%= render template: "rescues/_request_and_response" %>
 </div>

data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb CHANGED Viewed

@@ -4,9 +4,12 @@
 <% end %>
 <%= @exception.message %>
-<% if %r{#{ActiveStorage::Blob.table_name}|#{ActiveStorage::Attachment.table_name}}.match?(@exception.message) %>
+<% if defined?(ActiveStorage) && @exception.message.match?(%r{#{ActiveStorage::Blob.table_name}|#{ActiveStorage::Attachment.table_name}}) %>
 To resolve this issue run: bin/rails active_storage:install
 <% end %>
+<% if defined?(ActionMailbox) && @exception.message.match?(%r{#{ActionMailbox::InboundEmail.table_name}}) %>
+To resolve this issue run: bin/rails action_mailbox:install
+<% end %>
 <%= render template: "rescues/_source" %>
 <%= render template: "rescues/_trace" %>

data/lib/action_dispatch/middleware/templates/rescues/layout.erb CHANGED Viewed

@@ -2,11 +2,14 @@
 <html lang="en">
 <head>
   <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1">
   <title>Action Controller: Exception caught</title>
   <style>
     body {
       background-color: #FAFAFA;
       color: #333;
+      color-scheme: light dark;
+      supported-color-schemes: light dark;
       margin: 0px;
     }
@@ -30,27 +33,40 @@
     header {
       color: #F0F0F0;
-      background: #C52F24;
+      background: #C00;
       padding: 0.5em 1.5em;
     }
     h1 {
+      overflow-wrap: break-word;
       margin: 0.2em 0;
       line-height: 1.1em;
       font-size: 2em;
     }
     h2 {
-      color: #C52F24;
+      color: #C00;
       line-height: 25px;
     }
+    .exception-message {
+      padding: 8px 0;
+    }
+    .exception-message .message{
+      margin-bottom: 8px;
+      line-height: 25px;
+      font-size: 1.5em;
+      font-weight: bold;
+      color: #C00;
+    }
     .details {
       border: 1px solid #D0D0D0;
       border-radius: 4px;
       margin: 1em 0px;
       display: block;
-      width: 978px;
+      max-width: 978px;
     }
     .summary {
@@ -78,7 +94,7 @@
     .source {
       border: 1px solid #D9D9D9;
       background: #ECECEC;
-      width: 978px;
+      max-width: 978px;
     }
     .source pre {
@@ -114,18 +130,98 @@
     }
     .line.active {
-      background-color: #FFCCCC;
+      background-color: #FCC;
+    }
+    .button_to {
+      display: inline-block;
+      margin-top: 0.75em;
+      margin-bottom: 0.75em;
     }
     .hidden {
       display: none;
     }
+    input[type="submit"] {
+      color: white;
+      background-color: #C00;
+      border: none;
+      border-radius: 12px;
+      box-shadow: 0 3px #F99;
+      font-size: 13px;
+      font-weight: bold;
+      margin: 0;
+      padding: 10px 18px;
+      -webkit-appearance: none;
+    }
+    input[type="submit"]:focus,
+    input[type="submit"]:hover {
+      opacity: 0.8;
+    }
+    input[type="submit"]:active {
+      box-shadow: 0 2px #F99;
+      transform: translateY(1px)
+    }
     a { color: #980905; }
     a:visited { color: #666; }
-    a.trace-frames { color: #666; }
-    a:hover { color: #C52F24; }
-    a.trace-frames.selected { color: #C52F24 }
+    a.trace-frames {
+      color: #666;
+      overflow-wrap: break-word;
+    }
+    a:hover { color: #C00; }
+    a.trace-frames.selected { color: #C00 }
+    @media (prefers-color-scheme: dark) {
+      body {
+        background-color: #222;
+        color: #ECECEC;
+      }
+      .details {
+        border-color: #666;
+      }
+      .summary {
+        border-color: #666;
+      }
+      .source {
+        border-color: #555;
+        background-color: #333;
+      }
+      .source .data {
+        background: #444;
+      }
+      .source .data .line_numbers {
+        background: #333;
+        border-color: #222;
+      }
+      .line:hover {
+        background: #666;
+      }
+      .line.active {
+        background-color: #900;
+      }
+      input[type="submit"] {
+        box-shadow: 0 3px #800;
+      }
+      input[type="submit"]:active {
+        box-shadow: 0 2px #800;
+      }
+      a { color: #C00; }
+      a.trace-frames { color: #999; }
+      a:hover { color: #E9382B; }
+      a.trace-frames.selected { color: #E9382B; }
+    }
     <%= yield :style %>
   </style>

data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb ADDED Viewed

@@ -0,0 +1,19 @@
+<header>
+  <h1>No template for interactive request</h1>
+</header>
+<div id="container">
+  <h2><%= h @exception.message %></h2>
+  <p class="summary">
+    <strong>NOTE!</strong><br>
+    Unless told otherwise, Rails expects an action to render a template with the same name,<br>
+    contained in a folder named after its controller.
+    If this controller is an API responding with 204 (No Content), <br>
+    which does not require a template,
+    then this error will occur when trying to access it via browser,<br>
+    since we expect an HTML template
+    to be rendered for such requests. If that's the case, carry on.
+  </p>
+</div>

data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.text.erb ADDED Viewed

@@ -0,0 +1,3 @@
+Missing exact template
+<%= @exception.message %>

data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb CHANGED Viewed

@@ -5,7 +5,7 @@
 <div id="container">
   <h2><%= h @exception.message %></h2>
-  <%= render template: "rescues/_source" %>
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
   <%= render template: "rescues/_request_and_response" %>
 </div>

data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb CHANGED Viewed

@@ -14,7 +14,7 @@
     </p>
   <% end %>
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
   <% if @routes_inspector %>
     <h2>

data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb CHANGED Viewed

@@ -11,10 +11,10 @@
   </p>
   <pre><code><%= h @exception.message %></code></pre>
-  <%= render template: "rescues/_source" %>
+  <%= render "rescues/source", source_extracts: @source_extracts, show_source_idx: @show_source_idx %>
   <p><%= @exception.sub_template_message %></p>
-  <%= render template: "rescues/_trace" %>
+  <%= render "rescues/trace", traces: @traces, trace_to_show: @trace_to_show %>
   <%= render template: "rescues/_request_and_response" %>
 </div>

data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb CHANGED Viewed

@@ -2,5 +2,5 @@
   <h1>Unknown action</h1>
 </header>
 <div id="container">
-  <h2><%= h @exception.message %></h2>
+  <%= render "rescues/message_and_suggestions", exception: @exception %>
 </div>

data/lib/action_dispatch/middleware/templates/routes/_table.html.erb CHANGED Viewed

@@ -49,6 +49,26 @@
     width: 80%;
     font-size: inherit;
   }
+  @media (prefers-color-scheme: dark) {
+    body {
+      background-color: #222;
+      color: #ECECEC;
+    }
+    #route_table tbody tr:nth-child(odd) {
+      background: #333;
+    }
+    #route_table tbody tr:nth-child(even) {
+      background: #444;
+    }
+    #route_table tbody.exact_matches,
+    #route_table tbody.fuzzy_matches {
+      color: #333;
+    }
+  }
 <% end %>
 <table id='route_table' class='route_table'>
@@ -85,7 +105,7 @@
 </table>
 <script type='text/javascript'>
-  // support forEarch iterator on NodeList
+  // support forEach iterator on NodeList
   NodeList.prototype.forEach = Array.prototype.forEach;
   // Enables path search functionality
@@ -197,4 +217,7 @@
   setupMatchPaths();
   setupRouteToggleHelperLinks();
+  // Focus the search input after page has loaded
+  document.getElementById('search').focus();
 </script>

data/lib/action_dispatch/railtie.rb CHANGED Viewed

@@ -21,7 +21,9 @@ module ActionDispatch
     config.action_dispatch.encrypted_signed_cookie_salt = "signed encrypted cookie"
     config.action_dispatch.authenticated_encrypted_cookie_salt = "authenticated encrypted cookie"
     config.action_dispatch.use_authenticated_cookie_encryption = false
+    config.action_dispatch.use_cookies_with_metadata = false
     config.action_dispatch.perform_deep_munge = true
+    config.action_dispatch.request_id_header = "X-Request-Id"
     config.action_dispatch.default_headers = {
       "X-Frame-Options" => "SAMEORIGIN",
@@ -37,11 +39,15 @@ module ActionDispatch
     config.eager_load_namespaces << ActionDispatch
     initializer "action_dispatch.configure" do |app|
+      ActionDispatch::Http::URL.secure_protocol = app.config.force_ssl
       ActionDispatch::Http::URL.tld_length = app.config.action_dispatch.tld_length
       ActionDispatch::Request.ignore_accept_header = app.config.action_dispatch.ignore_accept_header
       ActionDispatch::Request::Utils.perform_deep_munge = app.config.action_dispatch.perform_deep_munge
-      ActionDispatch::Response.default_charset = app.config.action_dispatch.default_charset || app.config.encoding
-      ActionDispatch::Response.default_headers = app.config.action_dispatch.default_headers
+      ActiveSupport.on_load(:action_dispatch_response) do
+        self.default_charset = app.config.action_dispatch.default_charset || app.config.encoding
+        self.default_headers = app.config.action_dispatch.default_headers
+      end
       ActionDispatch::ExceptionWrapper.rescue_responses.merge!(config.action_dispatch.rescue_responses)
       ActionDispatch::ExceptionWrapper.rescue_templates.merge!(config.action_dispatch.rescue_templates)

data/lib/action_dispatch/request/session.rb CHANGED Viewed

@@ -93,12 +93,20 @@ module ActionDispatch
         key = key.to_s
         if key == "session_id"
-          id && id.public_id
+          id&.public_id
         else
           @delegate[key]
         end
       end
+      # Returns the nested value specified by the sequence of keys, returning
+      # +nil+ if any intermediate step is +nil+.
+      def dig(*keys)
+        load_for_read!
+        keys = keys.map.with_index { |key, i| i.zero? ? key.to_s : key }
+        @delegate.dig(*keys)
+      end
       # Returns true if the session has the given key or false.
       def has_key?(key)
         load_for_read!
@@ -150,7 +158,7 @@ module ActionDispatch
       #   # => {"session_id"=>"e29b9ea315edf98aad94cc78c34cc9b2", "foo" => "bar"}
       def update(hash)
         load_for_write!
-        @delegate.update stringify_keys(hash)
+        @delegate.update hash.stringify_keys
       end
       # Deletes given key from the session.
@@ -214,7 +222,6 @@ module ActionDispatch
       end
       private
         def load_for_read!
           load! if !loaded? && exists?
         end
@@ -226,15 +233,9 @@ module ActionDispatch
         def load!
           id, session = @by.load_session @req
           options[:id] = id
-          @delegate.replace(stringify_keys(session))
+          @delegate.replace(session.stringify_keys)
           @loaded = true
         end
-        def stringify_keys(other)
-          other.each_with_object({}) { |(key, value), hash|
-            hash[key.to_s] = value
-          }
-        end
     end
   end
 end

data/lib/action_dispatch/request/utils.rb CHANGED Viewed

@@ -41,6 +41,10 @@ module ActionDispatch
         end
       end
+      def self.set_binary_encoding(request, params, controller, action)
+        CustomParamEncoder.encode(request, params, controller, action)
+      end
       class ParamEncoder # :nodoc:
         # Convert nested Hash to HashWithIndifferentAccess.
         def self.normalize_encode_params(params)
@@ -51,8 +55,8 @@ module ActionDispatch
             if params.has_key?(:tempfile)
               ActionDispatch::Http::UploadedFile.new(params)
             else
-              params.each_with_object({}) do |(key, val), new_hash|
-                new_hash[key] = normalize_encode_params(val)
+              params.transform_values do |val|
+                normalize_encode_params(val)
               end.with_indifferent_access
             end
           else
@@ -73,6 +77,26 @@ module ActionDispatch
           list
         end
       end
+      class CustomParamEncoder # :nodoc:
+        def self.encode(request, params, controller, action)
+          return params unless controller && controller.valid_encoding? && encoding_template = action_encoding_template(request, controller, action)
+          params.except(:controller, :action).each do |key, value|
+            ActionDispatch::Request::Utils.each_param_value(value) do |param|
+              if encoding_template[key.to_s]
+                param.force_encoding(encoding_template[key.to_s])
+              end
+            end
+          end
+          params
+        end
+        def self.action_encoding_template(request, controller, action) # :nodoc:
+          request.controller_class_for(controller).action_encoding_template(action)
+        rescue MissingController
+          nil
+        end
+      end
     end
   end
 end