actionpack 6.1.7.5 → 7.1.3.1

data/lib/action_dispatch/http/request.rb

@@ -42,11 +42,8 @@ module ActionDispatch
         HTTP_NEGOTIATE HTTP_PRAGMA HTTP_CLIENT_IP
         HTTP_X_FORWARDED_FOR HTTP_ORIGIN HTTP_VERSION
         HTTP_X_CSRF_TOKEN HTTP_X_REQUEST_ID HTTP_X_FORWARDED_HOST
-        SERVER_ADDR
         ].freeze
 
-    # TODO: Remove SERVER_ADDR when we remove support to Rack 2.1.
-    # See https://github.com/rack/rack/commit/c173b188d81ee437b588c1e046a1c9f031dea550
     ENV_METHODS.each do |env|
       class_eval <<-METHOD, __FILE__, __LINE__ + 1
         # frozen_string_literal: true
@@ -75,7 +72,7 @@ module ActionDispatch
 
     PASS_NOT_FOUND = Class.new { # :nodoc:
       def self.action(_); self; end
-      def self.call(_); [404, { "X-Cascade" => "pass" }, []]; end
+      def self.call(_); [404, { Constants::X_CASCADE => "pass" }, []]; end
       def self.action_encoding_template(action); false; end
     }
 
@@ -90,7 +87,7 @@ module ActionDispatch
         controller_param = name.underscore
         const_name = controller_param.camelize << "Controller"
         begin
-          ActiveSupport::Dependencies.constantize(const_name)
+          const_name.constantize
         rescue NameError => error
           if error.missing_name == const_name || const_name.start_with?("#{error.missing_name}::")
             raise MissingController.new(error.message, error.name)
@@ -110,22 +107,21 @@ module ActionDispatch
       has_header? key
     end
 
-    # List of HTTP request methods from the following RFCs:
-    # Hypertext Transfer Protocol -- HTTP/1.1 (https://www.ietf.org/rfc/rfc2616.txt)
-    # HTTP Extensions for Distributed Authoring -- WEBDAV (https://www.ietf.org/rfc/rfc2518.txt)
-    # Versioning Extensions to WebDAV (https://www.ietf.org/rfc/rfc3253.txt)
-    # Ordered Collections Protocol (WebDAV) (https://www.ietf.org/rfc/rfc3648.txt)
-    # Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (https://www.ietf.org/rfc/rfc3744.txt)
-    # Web Distributed Authoring and Versioning (WebDAV) SEARCH (https://www.ietf.org/rfc/rfc5323.txt)
-    # Calendar Extensions to WebDAV (https://www.ietf.org/rfc/rfc4791.txt)
-    # PATCH Method for HTTP (https://www.ietf.org/rfc/rfc5789.txt)
+    # HTTP methods from {RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1}[https://www.ietf.org/rfc/rfc2616.txt]
     RFC2616 = %w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
+    # HTTP methods from {RFC 2518: HTTP Extensions for Distributed Authoring -- WEBDAV}[https://www.ietf.org/rfc/rfc2518.txt]
     RFC2518 = %w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
+    # HTTP methods from {RFC 3253: Versioning Extensions to WebDAV}[https://www.ietf.org/rfc/rfc3253.txt]
     RFC3253 = %w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
+    # HTTP methods from {RFC 3648: WebDAV Ordered Collections Protocol}[https://www.ietf.org/rfc/rfc3648.txt]
     RFC3648 = %w(ORDERPATCH)
+    # HTTP methods from {RFC 3744: WebDAV Access Control Protocol}[https://www.ietf.org/rfc/rfc3744.txt]
     RFC3744 = %w(ACL)
+    # HTTP methods from {RFC 5323: WebDAV SEARCH}[https://www.ietf.org/rfc/rfc5323.txt]
     RFC5323 = %w(SEARCH)
+    # HTTP methods from {RFC 4791: Calendaring Extensions to WebDAV}[https://www.ietf.org/rfc/rfc4791.txt]
     RFC4791 = %w(MKCALENDAR)
+    # HTTP methods from {RFC 5789: PATCH Method for HTTP}[https://www.ietf.org/rfc/rfc5789.txt]
     RFC5789 = %w(PATCH)
 
     HTTP_METHODS = RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC4791 + RFC5789
@@ -149,6 +145,18 @@ module ActionDispatch
       @request_method ||= check_method(super)
     end
 
+    # Returns the URI pattern of the matched route for the request,
+    # using the same format as `bin/rails routes`:
+    #
+    #   request.route_uri_pattern # => "/:controller(/:action(/:id))(.:format)"
+    def route_uri_pattern
+      get_header("action_dispatch.route_uri_pattern")
+    end
+
+    def route_uri_pattern=(pattern) # :nodoc:
+      set_header("action_dispatch.route_uri_pattern", pattern)
+    end
+
     def routes # :nodoc:
       get_header("action_dispatch.routes")
     end
@@ -165,7 +173,7 @@ module ActionDispatch
       set_header(routes.env_key, name.dup)
     end
 
-    def request_method=(request_method) #:nodoc:
+    def request_method=(request_method) # :nodoc:
       if check_method(request_method)
         @request_method = set_header("REQUEST_METHOD", request_method)
       end
@@ -183,13 +191,6 @@ module ActionDispatch
       get_header "action_dispatch.http_auth_salt"
     end
 
-    def show_exceptions? # :nodoc:
-      # We're treating `nil` as "unset", and we want the default setting to be
-      # `true`. This logic should be extracted to `env_config` and calculated
-      # once.
-      !(get_header("action_dispatch.show_exceptions") == false)
-    end
-
     # Returns a symbol form of the #request_method.
     def request_method_symbol
       HTTP_METHOD_LOOKUP[request_method]
@@ -198,9 +199,20 @@ module ActionDispatch
     # Returns the original value of the environment's REQUEST_METHOD,
     # even if it was overridden by middleware. See #request_method for
     # more information.
-    def method
-      @method ||= check_method(get_header("rack.methodoverride.original_method") || get_header("REQUEST_METHOD"))
+    #
+    # For debugging purposes, when called with arguments this method will
+    # fall back to Object#method
+    def method(*args)
+      if args.empty?
+        @method ||= check_method(
+          get_header("rack.methodoverride.original_method") ||
+          get_header("REQUEST_METHOD")
+        )
+      else
+        super
+      end
     end
+    ruby2_keywords(:method)
 
     # Returns a symbol form of the #method.
     def method_symbol
@@ -266,15 +278,16 @@ module ActionDispatch
     #    # get "/articles"
     #    request.media_type # => "application/x-www-form-urlencoded"
     def media_type
-      content_mime_type.to_s
+      content_mime_type&.to_s
     end
 
     # Returns the content length of the request as an integer.
     def content_length
+      return raw_post.bytesize if headers.key?("Transfer-Encoding")
       super.to_i
     end
 
-    # Returns true if the "X-Requested-With" header contains "XMLHttpRequest"
+    # Returns true if the +X-Requested-With+ header contains "XMLHttpRequest"
     # (case-insensitive), which may need to be manually added depending on the
     # choice of JavaScript libraries and frameworks.
     def xml_http_request?
@@ -300,9 +313,9 @@ module ActionDispatch
 
     ACTION_DISPATCH_REQUEST_ID = "action_dispatch.request_id" # :nodoc:
 
-    # Returns the unique request id, which is based on either the X-Request-Id header that can
-    # be generated by a firewall, load balancer, or web server or by the RequestId middleware
-    # (which sets the action_dispatch.request_id environment variable).
+    # Returns the unique request id, which is based on either the +X-Request-Id+ header that can
+    # be generated by a firewall, load balancer, or web server, or by the RequestId middleware
+    # (which sets the +action_dispatch.request_id+ environment variable).
     #
     # This unique ID is useful for tracing a request from end-to-end as part of logging or debugging.
     # This relies on the Rack variable set by the ActionDispatch::RequestId middleware.
@@ -325,9 +338,8 @@ module ActionDispatch
     # work with raw requests directly.
     def raw_post
       unless has_header? "RAW_POST_DATA"
-        raw_post_body = body
-        set_header("RAW_POST_DATA", raw_post_body.read(content_length))
-        raw_post_body.rewind if raw_post_body.respond_to?(:rewind)
+        set_header("RAW_POST_DATA", read_body_stream)
+        body_stream.rewind if body_stream.respond_to?(:rewind)
       end
       get_header "RAW_POST_DATA"
     end
@@ -344,32 +356,27 @@ module ActionDispatch
     end
 
     # Determine whether the request body contains form-data by checking
-    # the request Content-Type for one of the media-types:
-    # "application/x-www-form-urlencoded" or "multipart/form-data". The
+    # the request +Content-Type+ for one of the media-types:
+    # +application/x-www-form-urlencoded+ or +multipart/form-data+. The
     # list of form-data media types can be modified through the
     # +FORM_DATA_MEDIA_TYPES+ array.
     #
     # A request body is not assumed to contain form-data when no
-    # Content-Type header is provided and the request_method is POST.
+    # +Content-Type+ header is provided and the request_method is POST.
     def form_data?
       FORM_DATA_MEDIA_TYPES.include?(media_type)
     end
 
-    def body_stream #:nodoc:
+    def body_stream # :nodoc:
       get_header("rack.input")
     end
 
-    # TODO This should be broken apart into AD::Request::Session and probably
-    # be included by the session middleware.
     def reset_session
-      if session && session.respond_to?(:destroy)
-        session.destroy
-      else
-        self.session = {}
-      end
+      session.destroy
+      reset_csrf_token
     end
 
-    def session=(session) #:nodoc:
+    def session=(session) # :nodoc:
       Session.set self, session
     end
 
@@ -388,7 +395,7 @@ module ActionDispatch
         Request::Utils.check_param_encoding(rack_query_params)
         set_header k, Request::Utils.normalize_encode_params(rack_query_params)
       end
-    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
+    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError, Rack::QueryParser::ParamsTooDeepError => e
       raise ActionController::BadRequest.new("Invalid query parameters: #{e.message}")
     end
     alias :query_parameters :GET
@@ -403,7 +410,7 @@ module ActionDispatch
         Request::Utils.check_param_encoding(pr)
         self.request_parameters = Request::Utils.normalize_encode_params(pr)
       end
-    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
+    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError, Rack::QueryParser::ParamsTooDeepError, EOFError => e
       raise ActionController::BadRequest.new("Invalid request parameters: #{e.message}")
     end
     alias :request_parameters :POST
@@ -434,19 +441,36 @@ module ActionDispatch
     def commit_flash
     end
 
-    def ssl?
-      super || scheme == "wss"
-    end
-
     def inspect # :nodoc:
       "#<#{self.class.name} #{method} #{original_url.dump} for #{remote_ip}>"
     end
 
+    def reset_csrf_token
+      controller_instance.reset_csrf_token(self) if controller_instance.respond_to?(:reset_csrf_token)
+    end
+
+    def commit_csrf_token
+      controller_instance.commit_csrf_token(self) if controller_instance.respond_to?(:commit_csrf_token)
+    end
+
     private
       def check_method(name)
-        HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS[0...-1].join(', ')}, and #{HTTP_METHODS[-1]}")
+        if name
+          HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS[0...-1].join(', ')}, and #{HTTP_METHODS[-1]}")
+        end
+
         name
       end
+
+      def default_session
+        Session.disabled(self)
+      end
+
+      def read_body_stream
+        body_stream.rewind if body_stream.respond_to?(:rewind)
+        return body_stream.read if headers.key?("Transfer-Encoding") # Read body stream until EOF if "Transfer-Encoding" is present
+        body_stream.read(content_length)
+      end
   end
 end
 

data/lib/action_dispatch/http/response.rb

@@ -6,24 +6,23 @@ require "action_dispatch/http/cache"
 require "monitor"
 
 module ActionDispatch # :nodoc:
+  # = Action Dispatch \Response
+  #
   # Represents an HTTP response generated by a controller action. Use it to
   # retrieve the current state of the response, or customize the response. It can
   # either represent a real HTTP response (i.e. one that is meant to be sent
   # back to the web browser) or a TestResponse (i.e. one that is generated
   # from integration tests).
   #
-  # \Response is mostly a Ruby on \Rails framework implementation detail, and
-  # should never be used directly in controllers. Controllers should use the
-  # methods defined in ActionController::Base instead. For example, if you want
-  # to set the HTTP response's content MIME type, then use
-  # ActionControllerBase#headers instead of Response#headers.
+  # The \Response object for the current request is exposed on controllers as
+  # ActionController::Metal#response. ActionController::Metal also provides a
+  # few additional methods that delegate to attributes of the \Response such as
+  # ActionController::Metal#headers.
   #
-  # Nevertheless, integration tests may want to inspect controller responses in
-  # more detail, and that's when \Response can be useful for application
-  # developers. Integration test methods such as
-  # ActionDispatch::Integration::Session#get and
-  # ActionDispatch::Integration::Session#post return objects of type
-  # TestResponse (which are of course also of type \Response).
+  # Integration tests will likely also want to inspect responses in
+  # more detail. Methods such as Integration::RequestHelpers#get
+  # and Integration::RequestHelpers#post return instances of
+  # TestResponse (which inherits from \Response) for this purpose.
   #
   # For example, the following demo integration test prints the body of the
   # controller response to the console:
@@ -35,41 +34,43 @@ module ActionDispatch # :nodoc:
   #    end
   #  end
   class Response
-    class Header < DelegateClass(Hash) # :nodoc:
-      def initialize(response, header)
-        @response = response
-        super(header)
-      end
-
-      def []=(k, v)
-        if @response.sending? || @response.sent?
-          raise ActionDispatch::IllegalStateError, "header already sent"
-        end
-
-        super
-      end
-
-      def merge(other)
-        self.class.new @response, __getobj__.merge(other)
-      end
-
-      def to_hash
-        __getobj__.dup
-      end
+    begin
+      # For `Rack::Headers` (Rack 3+):
+      require "rack/headers"
+      Headers = ::Rack::Headers
+    rescue LoadError
+      # For `Rack::Utils::HeaderHash`:
+      require "rack/utils"
+      Headers = ::Rack::Utils::HeaderHash
     end
 
+    # To be deprecated:
+    Header = Headers
+
     # The request that the response is responding to.
     attr_accessor :request
 
     # The HTTP status code.
     attr_reader :status
 
-    # Get headers for this response.
-    attr_reader :header
+    # The headers for the response.
+    #
+    #   header["Content-Type"] # => "text/plain"
+    #   header["Content-Type"] = "application/json"
+    #   header["Content-Type"] # => "application/json"
+    #
+    # Also aliased as +headers+.
+    #
+    #   headers["Content-Type"] # => "text/plain"
+    #   headers["Content-Type"] = "application/json"
+    #   headers["Content-Type"] # => "application/json"
+    #
+    # Also aliased as +header+ for compatibility.
+    attr_reader :headers
 
-    alias_method :headers,  :header
+    alias_method :header, :headers
 
-    delegate :[], :[]=, to: :@header
+    delegate :[], :[]=, to: :@headers
 
     def each(&block)
       sending!
@@ -80,24 +81,11 @@ module ActionDispatch # :nodoc:
 
     CONTENT_TYPE = "Content-Type"
     SET_COOKIE   = "Set-Cookie"
-    LOCATION     = "Location"
     NO_CONTENT_CODES = [100, 101, 102, 103, 204, 205, 304]
 
     cattr_accessor :default_charset, default: "utf-8"
     cattr_accessor :default_headers
 
-    def self.return_only_media_type_on_content_type=(*)
-      ActiveSupport::Deprecation.warn(
-        ".return_only_media_type_on_content_type= is dreprecated with no replacement and will be removed in 7.0."
-      )
-    end
-
-    def self.return_only_media_type_on_content_type
-      ActiveSupport::Deprecation.warn(
-        ".return_only_media_type_on_content_type is dreprecated with no replacement and will be removed in 7.0."
-      )
-    end
-
     include Rack::Response::Helpers
     # Aliasing these off because AD::Http::Cache::Response defines them.
     alias :_cache_control :cache_control
@@ -115,6 +103,12 @@ module ActionDispatch # :nodoc:
         @str_body = nil
       end
 
+      def to_ary
+        @buf.respond_to?(:to_ary) ?
+          @buf.to_ary :
+          @buf.each
+      end
+
       def body
         @str_body ||= begin
           buf = +""
@@ -130,6 +124,7 @@ module ActionDispatch # :nodoc:
         @response.commit!
         @buf.push string
       end
+      alias_method :<<, :write
 
       def each(&block)
         if @str_body
@@ -159,9 +154,9 @@ module ActionDispatch # :nodoc:
         end
     end
 
-    def self.create(status = 200, header = {}, body = [], default_headers: self.default_headers)
-      header = merge_default_headers(header, default_headers)
-      new status, header, body
+    def self.create(status = 200, headers = {}, body = [], default_headers: self.default_headers)
+      headers = merge_default_headers(headers, default_headers)
+      new status, headers, body
     end
 
     def self.merge_default_headers(original, default)
@@ -171,10 +166,14 @@ module ActionDispatch # :nodoc:
     # The underlying body, as a streamable object.
     attr_reader :stream
 
-    def initialize(status = 200, header = {}, body = [])
+    def initialize(status = 200, headers = nil, body = [])
       super()
 
-      @header = Header.new(self, header)
+      @headers = Headers.new
+
+      headers&.each do |key, value|
+        @headers[key] = value
+      end
 
       self.body, self.status = body, status
 
@@ -188,10 +187,10 @@ module ActionDispatch # :nodoc:
       yield self if block_given?
     end
 
-    def has_header?(key);   headers.key? key;   end
-    def get_header(key);    headers[key];       end
-    def set_header(key, v); headers[key] = v;   end
-    def delete_header(key); headers.delete key; end
+    def has_header?(key);   @headers.key? key;   end
+    def get_header(key);    @headers[key];       end
+    def set_header(key, v); @headers[key] = v;   end
+    def delete_header(key); @headers.delete key; end
 
     def await_commit
       synchronize do
@@ -294,7 +293,7 @@ module ActionDispatch # :nodoc:
       @status
     end
 
-    # Returns a string to ensure compatibility with <tt>Net::HTTPResponse</tt>.
+    # Returns a string to ensure compatibility with +Net::HTTPResponse+.
     def code
       @status.to_s
     end
@@ -336,7 +335,7 @@ module ActionDispatch # :nodoc:
     # Avoid having to pass an open file handle as the response body.
     # Rack::Sendfile will usually intercept the response and uses
     # the path directly, so there is no reason to open the file.
-    class FileBody #:nodoc:
+    class FileBody # :nodoc:
       attr_reader :to_path
 
       def initialize(path)
@@ -397,7 +396,7 @@ module ActionDispatch # :nodoc:
     #   status, headers, body = *response
     def to_a
       commit!
-      rack_response @status, @header.to_hash
+      rack_response @status, @headers.to_hash
     end
     alias prepare! to_a
 
@@ -464,8 +463,7 @@ module ActionDispatch # :nodoc:
       # our last chance.
       commit! unless committed?
 
-      headers.freeze
-      request.commit_cookie_jar! unless committed?
+      @request.commit_cookie_jar! unless committed?
     end
 
     def build_buffer(response, body)
@@ -489,10 +487,6 @@ module ActionDispatch # :nodoc:
         @response = response
       end
 
-      def each(*args, &block)
-        @response.each(*args, &block)
-      end
-
       def close
         # Rack "close" maps to Response#abort, and *not* Response#close
         # (which is used when the controller's finished writing)
@@ -503,35 +497,45 @@ module ActionDispatch # :nodoc:
         @response.body
       end
 
+      BODY_METHODS = { to_ary: true, each: true, call: true, to_path: true }
+
       def respond_to?(method, include_private = false)
-        if method.to_sym == :to_path
+        if BODY_METHODS.key?(method)
           @response.stream.respond_to?(method)
         else
           super
         end
       end
 
-      def to_path
-        @response.stream.to_path
+      def to_ary
+        @response.stream.to_ary
       end
 
-      def to_ary
-        nil
+      def each(*args, &block)
+        @response.each(*args, &block)
+      end
+
+      def call(*arguments, &block)
+        @response.stream.call(*arguments, &block)
+      end
+
+      def to_path
+        @response.stream.to_path
       end
     end
 
     def handle_no_content!
       if NO_CONTENT_CODES.include?(@status)
-        @header.delete CONTENT_TYPE
-        @header.delete "Content-Length"
+        @headers.delete CONTENT_TYPE
+        @headers.delete "Content-Length"
       end
     end
 
-    def rack_response(status, header)
+    def rack_response(status, headers)
       if NO_CONTENT_CODES.include?(status)
-        [status, header, []]
+        [status, headers, []]
       else
-        [status, header, RackBody.new(self)]
+        [status, headers, RackBody.new(self)]
       end
     end
   end

data/lib/action_dispatch/http/upload.rb

@@ -2,6 +2,8 @@
 
 module ActionDispatch
   module Http
+    # = Action Dispatch HTTP \UploadedFile
+    #
     # Models uploaded files.
     #
     # The actual file is accessible via the +tempfile+ accessor, though some
@@ -28,6 +30,8 @@ module ActionDispatch
         @tempfile = hash[:tempfile]
         raise(ArgumentError, ":tempfile is required") unless @tempfile
 
+        @content_type = hash[:type]
+
         if hash[:filename]
           @original_filename = hash[:filename].dup
 
@@ -40,8 +44,17 @@ module ActionDispatch
           @original_filename = nil
         end
 
-        @content_type      = hash[:type]
-        @headers           = hash[:head]
+        if hash[:head]
+          @headers = hash[:head].dup
+
+          begin
+            @headers.encode!(Encoding::UTF_8)
+          rescue EncodingError
+            @headers.force_encoding(Encoding::UTF_8)
+          end
+        else
+          @headers = nil
+        end
       end
 
       # Shortcut for +tempfile.read+.

data/lib/action_dispatch/http/url.rb

@@ -71,7 +71,8 @@ module ActionDispatch
           path = options[:script_name].to_s.chomp("/")
           path << options[:path] if options.key?(:path)
 
-          add_trailing_slash(path) if options[:trailing_slash]
+          path = "/" if options[:trailing_slash] && path.blank?
+
           add_params(path, options[:params]) if options.key?(:params)
           add_anchor(path, options[:anchor]) if options.key?(:anchor)
 
@@ -101,14 +102,6 @@ module ActionDispatch
             parts[0..-(tld_length + 2)]
           end
 
-          def add_trailing_slash(path)
-            if path.include?("?")
-              path.sub!(/\?/, '/\&')
-            elsif !path.include?(".")
-              path.sub!(/[^\/]\z|\A\z/, '\&/')
-            end
-          end
-
           def build_host_url(host, port, protocol, options, path)
             if match = host.match(HOST_REGEXP)
               protocol ||= match[1] unless protocol == false
@@ -222,7 +215,7 @@ module ActionDispatch
         if forwarded = x_forwarded_host.presence
           forwarded.split(/,\s?/).last
         else
-          get_header("HTTP_HOST") || "#{server_name || server_addr}:#{get_header('SERVER_PORT')}"
+          get_header("HTTP_HOST") || "#{server_name}:#{get_header('SERVER_PORT')}"
         end
       end
 
@@ -258,12 +251,10 @@ module ActionDispatch
       #   req = ActionDispatch::Request.new 'HTTP_HOST' => 'example.com:8080'
       #   req.port # => 8080
       def port
-        @port ||= begin
-          if raw_host_with_port =~ /:(\d+)$/
-            $1.to_i
-          else
-            standard_port
-          end
+        @port ||= if raw_host_with_port =~ /:(\d+)$/
+          $1.to_i
+        else
+          standard_port
         end
       end
 
@@ -272,9 +263,10 @@ module ActionDispatch
       #   req = ActionDispatch::Request.new 'HTTP_HOST' => 'example.com:8080'
       #   req.standard_port # => 80
       def standard_port
-        case protocol
-        when "https://" then 443
-        else 80
+        if "https://" == protocol
+          443
+        else
+          80
         end
       end
 

data/lib/action_dispatch/journey/formatter.rb

@@ -57,6 +57,9 @@ module ActionDispatch
       end
 
       def generate(name, options, path_parameters)
+        original_options = options.dup
+        path_params = options.delete(:path_params) || {}
+        options = path_params.merge(options)
         constraints = path_parameters.merge(options)
         missing_keys = nil
 
@@ -70,8 +73,11 @@ module ActionDispatch
 
           missing_keys = missing_keys(route, parameterized_parts)
           next if missing_keys && !missing_keys.empty?
-          params = options.dup.delete_if do |key, _|
-            parameterized_parts.key?(key) || route.defaults.key?(key)
+          params = options.delete_if do |key, _|
+            # top-level params' normal behavior of generating query_params
+            # should be preserved even if the same key is also a bind_param
+            parameterized_parts.key?(key) || route.defaults.key?(key) ||
+              (path_params.key?(key) && !original_options.key?(key))
           end
 
           defaults       = route.defaults