actionpack 7.0.4 → 7.1.5.1

data/lib/action_dispatch/http/permissions_policy.rb

@@ -3,6 +3,8 @@
 require "active_support/core_ext/object/deep_dup"
 
 module ActionDispatch # :nodoc:
+  # = Action Dispatch \PermissionsPolicy
+  #
   # Configures the HTTP
   # {Feature-Policy}[https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy]
   # response header to specify which browser features the current document and
@@ -19,47 +21,38 @@ module ActionDispatch # :nodoc:
   #     policy.payment     :self, "https://secure.example.com"
   #   end
   #
+  # The Feature-Policy header has been renamed to Permissions-Policy.
+  # The Permissions-Policy requires a different implementation and isn't
+  # yet supported by all browsers. To avoid having to rename this
+  # middleware in the future we use the new name for the middleware but
+  # keep the old header name and implementation for now.
   class PermissionsPolicy
     class Middleware
-      CONTENT_TYPE = "Content-Type"
-      # The Feature-Policy header has been renamed to Permissions-Policy.
-      # The Permissions-Policy requires a different implementation and isn't
-      # yet supported by all browsers. To avoid having to rename this
-      # middleware in the future we use the new name for the middleware but
-      # keep the old header name and implementation for now.
-      POLICY       = "Feature-Policy"
-
       def initialize(app)
         @app = app
       end
 
       def call(env)
-        request = ActionDispatch::Request.new(env)
         _, headers, _ = response = @app.call(env)
 
-        return response unless html_response?(headers)
         return response if policy_present?(headers)
 
+        request = ActionDispatch::Request.new(env)
+
         if policy = request.permissions_policy
-          headers[POLICY] = policy.build(request.controller_instance)
+          headers[ActionDispatch::Constants::FEATURE_POLICY] = policy.build(request.controller_instance)
         end
 
         if policy_empty?(policy)
-          headers.delete(POLICY)
+          headers.delete(ActionDispatch::Constants::FEATURE_POLICY)
         end
 
         response
       end
 
       private
-        def html_response?(headers)
-          if content_type = headers[CONTENT_TYPE]
-            /html/.match?(content_type)
-          end
-        end
-
         def policy_present?(headers)
-          headers[POLICY]
+          headers[ActionDispatch::Constants::FEATURE_POLICY]
         end
 
         def policy_empty?(policy)
@@ -85,7 +78,7 @@ module ActionDispatch # :nodoc:
     }.freeze
 
     # List of available permissions can be found at
-    # https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#policy-controlled-features
+    # https://github.com/w3c/webappsec-permissions-policy/blob/main/features.md#policy-controlled-features
     DIRECTIVES = {
       accelerometer:        "accelerometer",
       ambient_light_sensor: "ambient-light-sensor",
@@ -95,15 +88,18 @@ module ActionDispatch # :nodoc:
       fullscreen:           "fullscreen",
       geolocation:          "geolocation",
       gyroscope:            "gyroscope",
+      hid:                  "hid",
+      idle_detection:       "idle-detection",
       magnetometer:         "magnetometer",
       microphone:           "microphone",
       midi:                 "midi",
       payment:              "payment",
       picture_in_picture:   "picture-in-picture",
-      speaker:              "speaker",
+      screen_wake_lock:     "screen-wake-lock",
+      serial:               "serial",
+      sync_xhr:             "sync-xhr",
       usb:                  "usb",
-      vibrate:              "vibrate",
-      vr:                   "vr",
+      web_share:            "web-share",
     }.freeze
 
     private_constant :MAPPINGS, :DIRECTIVES
@@ -129,6 +125,25 @@ module ActionDispatch # :nodoc:
       end
     end
 
+    %w[speaker vibrate vr].each do |directive|
+      define_method(directive) do |*sources|
+        ActionDispatch.deprecator.warn(<<~MSG)
+          The `#{directive}` permissions policy directive is deprecated
+          and will be removed in Rails 7.2.
+
+          There is no browser support for this directive, and no plan
+          for browser support in the future. You can just remove this
+          directive from your application.
+        MSG
+
+        if sources.first
+          @directives[directive] = apply_mappings(sources)
+        else
+          @directives.delete(directive)
+        end
+      end
+    end
+
     def build(context = nil)
       build_directives(context).compact.join("; ")
     end

data/lib/action_dispatch/http/rack_cache.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+# :enddoc:
+
 require "rack/cache"
 require "rack/cache/context"
 require "active_support/cache"

data/lib/action_dispatch/http/request.rb

@@ -72,7 +72,7 @@ module ActionDispatch
 
     PASS_NOT_FOUND = Class.new { # :nodoc:
       def self.action(_); self; end
-      def self.call(_); [404, { "X-Cascade" => "pass" }, []]; end
+      def self.call(_); [404, { Constants::X_CASCADE => "pass" }, []]; end
       def self.action_encoding_template(action); false; end
     }
 
@@ -107,22 +107,21 @@ module ActionDispatch
       has_header? key
     end
 
-    # List of HTTP request methods from the following RFCs:
-    # Hypertext Transfer Protocol -- HTTP/1.1 (https://www.ietf.org/rfc/rfc2616.txt)
-    # HTTP Extensions for Distributed Authoring -- WEBDAV (https://www.ietf.org/rfc/rfc2518.txt)
-    # Versioning Extensions to WebDAV (https://www.ietf.org/rfc/rfc3253.txt)
-    # Ordered Collections Protocol (WebDAV) (https://www.ietf.org/rfc/rfc3648.txt)
-    # Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (https://www.ietf.org/rfc/rfc3744.txt)
-    # Web Distributed Authoring and Versioning (WebDAV) SEARCH (https://www.ietf.org/rfc/rfc5323.txt)
-    # Calendar Extensions to WebDAV (https://www.ietf.org/rfc/rfc4791.txt)
-    # PATCH Method for HTTP (https://www.ietf.org/rfc/rfc5789.txt)
+    # HTTP methods from {RFC 2616: Hypertext Transfer Protocol -- HTTP/1.1}[https://www.ietf.org/rfc/rfc2616.txt]
     RFC2616 = %w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
+    # HTTP methods from {RFC 2518: HTTP Extensions for Distributed Authoring -- WEBDAV}[https://www.ietf.org/rfc/rfc2518.txt]
     RFC2518 = %w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
+    # HTTP methods from {RFC 3253: Versioning Extensions to WebDAV}[https://www.ietf.org/rfc/rfc3253.txt]
     RFC3253 = %w(VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL MKACTIVITY)
+    # HTTP methods from {RFC 3648: WebDAV Ordered Collections Protocol}[https://www.ietf.org/rfc/rfc3648.txt]
     RFC3648 = %w(ORDERPATCH)
+    # HTTP methods from {RFC 3744: WebDAV Access Control Protocol}[https://www.ietf.org/rfc/rfc3744.txt]
     RFC3744 = %w(ACL)
+    # HTTP methods from {RFC 5323: WebDAV SEARCH}[https://www.ietf.org/rfc/rfc5323.txt]
     RFC5323 = %w(SEARCH)
+    # HTTP methods from {RFC 4791: Calendaring Extensions to WebDAV}[https://www.ietf.org/rfc/rfc4791.txt]
     RFC4791 = %w(MKCALENDAR)
+    # HTTP methods from {RFC 5789: PATCH Method for HTTP}[https://www.ietf.org/rfc/rfc5789.txt]
     RFC5789 = %w(PATCH)
 
     HTTP_METHODS = RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC4791 + RFC5789
@@ -146,6 +145,18 @@ module ActionDispatch
       @request_method ||= check_method(super)
     end
 
+    # Returns the URI pattern of the matched route for the request,
+    # using the same format as `bin/rails routes`:
+    #
+    #   request.route_uri_pattern # => "/:controller(/:action(/:id))(.:format)"
+    def route_uri_pattern
+      get_header("action_dispatch.route_uri_pattern")
+    end
+
+    def route_uri_pattern=(pattern) # :nodoc:
+      set_header("action_dispatch.route_uri_pattern", pattern)
+    end
+
     def routes # :nodoc:
       get_header("action_dispatch.routes")
     end
@@ -180,13 +191,6 @@ module ActionDispatch
       get_header "action_dispatch.http_auth_salt"
     end
 
-    def show_exceptions? # :nodoc:
-      # We're treating `nil` as "unset", and we want the default setting to be
-      # `true`. This logic should be extracted to `env_config` and calculated
-      # once.
-      !(get_header("action_dispatch.show_exceptions") == false)
-    end
-
     # Returns a symbol form of the #request_method.
     def request_method_symbol
       HTTP_METHOD_LOOKUP[request_method]
@@ -195,9 +199,20 @@ module ActionDispatch
     # Returns the original value of the environment's REQUEST_METHOD,
     # even if it was overridden by middleware. See #request_method for
     # more information.
-    def method
-      @method ||= check_method(get_header("rack.methodoverride.original_method") || get_header("REQUEST_METHOD"))
+    #
+    # For debugging purposes, when called with arguments this method will
+    # fall back to Object#method
+    def method(*args)
+      if args.empty?
+        @method ||= check_method(
+          get_header("rack.methodoverride.original_method") ||
+          get_header("REQUEST_METHOD")
+        )
+      else
+        super
+      end
     end
+    ruby2_keywords(:method)
 
     # Returns a symbol form of the #method.
     def method_symbol
@@ -214,11 +229,12 @@ module ActionDispatch
     # Early Hints is an HTTP/2 status code that indicates hints to help a client start
     # making preparations for processing the final response.
     #
-    # If the env contains +rack.early_hints+ then the server accepts HTTP2 push for Link headers.
+    # If the env contains +rack.early_hints+ then the server accepts HTTP2 push for
+    # link headers.
     #
     # The +send_early_hints+ method accepts a hash of links as follows:
     #
-    #   send_early_hints("Link" => "</style.css>; rel=preload; as=style\n</script.js>; rel=preload")
+    #   send_early_hints("link" => "</style.css>; rel=preload; as=style,</script.js>; rel=preload")
     #
     # If you are using +javascript_include_tag+ or +stylesheet_link_tag+ the
     # Early Hints headers are included by default if supported.
@@ -268,10 +284,11 @@ module ActionDispatch
 
     # Returns the content length of the request as an integer.
     def content_length
+      return raw_post.bytesize if headers.key?("Transfer-Encoding")
       super.to_i
     end
 
-    # Returns true if the "X-Requested-With" header contains "XMLHttpRequest"
+    # Returns true if the +X-Requested-With+ header contains "XMLHttpRequest"
     # (case-insensitive), which may need to be manually added depending on the
     # choice of JavaScript libraries and frameworks.
     def xml_http_request?
@@ -297,7 +314,7 @@ module ActionDispatch
 
     ACTION_DISPATCH_REQUEST_ID = "action_dispatch.request_id" # :nodoc:
 
-    # Returns the unique request id, which is based on either the X-Request-Id header that can
+    # Returns the unique request id, which is based on either the +X-Request-Id+ header that can
     # be generated by a firewall, load balancer, or web server, or by the RequestId middleware
     # (which sets the +action_dispatch.request_id+ environment variable).
     #
@@ -322,9 +339,7 @@ module ActionDispatch
     # work with raw requests directly.
     def raw_post
       unless has_header? "RAW_POST_DATA"
-        raw_post_body = body
-        set_header("RAW_POST_DATA", raw_post_body.read(content_length))
-        raw_post_body.rewind if raw_post_body.respond_to?(:rewind)
+        set_header("RAW_POST_DATA", read_body_stream)
       end
       get_header "RAW_POST_DATA"
     end
@@ -341,13 +356,13 @@ module ActionDispatch
     end
 
     # Determine whether the request body contains form-data by checking
-    # the request Content-Type for one of the media-types:
-    # "application/x-www-form-urlencoded" or "multipart/form-data". The
+    # the request +Content-Type+ for one of the media-types:
+    # +application/x-www-form-urlencoded+ or +multipart/form-data+. The
     # list of form-data media types can be modified through the
     # +FORM_DATA_MEDIA_TYPES+ array.
     #
     # A request body is not assumed to contain form-data when no
-    # Content-Type header is provided and the request_method is POST.
+    # +Content-Type+ header is provided and the request_method is POST.
     def form_data?
       FORM_DATA_MEDIA_TYPES.include?(media_type)
     end
@@ -358,6 +373,7 @@ module ActionDispatch
 
     def reset_session
       session.destroy
+      reset_csrf_token
     end
 
     def session=(session) # :nodoc:
@@ -379,7 +395,7 @@ module ActionDispatch
         Request::Utils.check_param_encoding(rack_query_params)
         set_header k, Request::Utils.normalize_encode_params(rack_query_params)
       end
-    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
+    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError, Rack::QueryParser::ParamsTooDeepError => e
       raise ActionController::BadRequest.new("Invalid query parameters: #{e.message}")
     end
     alias :query_parameters :GET
@@ -394,7 +410,7 @@ module ActionDispatch
         Request::Utils.check_param_encoding(pr)
         self.request_parameters = Request::Utils.normalize_encode_params(pr)
       end
-    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
+    rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError, Rack::QueryParser::ParamsTooDeepError, EOFError => e
       raise ActionController::BadRequest.new("Invalid request parameters: #{e.message}")
     end
     alias :request_parameters :POST
@@ -429,15 +445,52 @@ module ActionDispatch
       "#<#{self.class.name} #{method} #{original_url.dump} for #{remote_ip}>"
     end
 
+    def reset_csrf_token
+      controller_instance.reset_csrf_token(self) if controller_instance.respond_to?(:reset_csrf_token)
+    end
+
+    def commit_csrf_token
+      controller_instance.commit_csrf_token(self) if controller_instance.respond_to?(:commit_csrf_token)
+    end
+
     private
       def check_method(name)
-        HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS[0...-1].join(', ')}, and #{HTTP_METHODS[-1]}")
+        if name
+          HTTP_METHOD_LOOKUP[name] || raise(ActionController::UnknownHttpMethod, "#{name}, accepted HTTP methods are #{HTTP_METHODS[0...-1].join(', ')}, and #{HTTP_METHODS[-1]}")
+        end
+
         name
       end
 
       def default_session
         Session.disabled(self)
       end
+
+      def read_body_stream
+        if body_stream
+          reset_stream(body_stream) do
+            if headers.key?("Transfer-Encoding")
+              body_stream.read # Read body stream until EOF if "Transfer-Encoding" is present
+            else
+              body_stream.read(content_length)
+            end
+          end
+        end
+      end
+
+      def reset_stream(body_stream)
+        if body_stream.respond_to?(:rewind)
+          body_stream.rewind
+
+          content = yield
+
+          body_stream.rewind
+
+          content
+        else
+          yield
+        end
+      end
   end
 end
 

data/lib/action_dispatch/http/response.rb

@@ -6,23 +6,23 @@ require "action_dispatch/http/cache"
 require "monitor"
 
 module ActionDispatch # :nodoc:
+  # = Action Dispatch \Response
+  #
   # Represents an HTTP response generated by a controller action. Use it to
   # retrieve the current state of the response, or customize the response. It can
   # either represent a real HTTP response (i.e. one that is meant to be sent
   # back to the web browser) or a TestResponse (i.e. one that is generated
   # from integration tests).
   #
-  # \Response is mostly a Ruby on \Rails framework implementation detail, and
-  # should never be used directly in controllers. Controllers should use the
-  # methods defined in ActionController::Base instead. For example, if you want
-  # to set the HTTP response's content MIME type, then use
-  # ActionControllerBase#headers instead of Response#headers.
+  # The \Response object for the current request is exposed on controllers as
+  # ActionController::Metal#response. ActionController::Metal also provides a
+  # few additional methods that delegate to attributes of the \Response such as
+  # ActionController::Metal#headers.
   #
-  # Nevertheless, integration tests may want to inspect controller responses in
-  # more detail, and that's when \Response can be useful for application
-  # developers. Integration test methods such as
-  # Integration::RequestHelpers#get and Integration::RequestHelpers#post return
-  # objects of type TestResponse (which are of course also of type \Response).
+  # Integration tests will likely also want to inspect responses in
+  # more detail. Methods such as Integration::RequestHelpers#get
+  # and Integration::RequestHelpers#post return instances of
+  # TestResponse (which inherits from \Response) for this purpose.
   #
   # For example, the following demo integration test prints the body of the
   # controller response to the console:
@@ -34,41 +34,43 @@ module ActionDispatch # :nodoc:
   #    end
   #  end
   class Response
-    class Header < DelegateClass(Hash) # :nodoc:
-      def initialize(response, header)
-        @response = response
-        super(header)
-      end
-
-      def []=(k, v)
-        if @response.sending? || @response.sent?
-          raise ActionDispatch::IllegalStateError, "header already sent"
-        end
-
-        super
-      end
-
-      def merge(other)
-        self.class.new @response, __getobj__.merge(other)
-      end
-
-      def to_hash
-        __getobj__.dup
-      end
+    begin
+      # For `Rack::Headers` (Rack 3+):
+      require "rack/headers"
+      Headers = ::Rack::Headers
+    rescue LoadError
+      # For `Rack::Utils::HeaderHash`:
+      require "rack/utils"
+      Headers = ::Rack::Utils::HeaderHash
     end
 
+    # To be deprecated:
+    Header = Headers
+
     # The request that the response is responding to.
     attr_accessor :request
 
     # The HTTP status code.
     attr_reader :status
 
-    # Get headers for this response.
-    attr_reader :header
+    # The headers for the response.
+    #
+    #   header["Content-Type"] # => "text/plain"
+    #   header["Content-Type"] = "application/json"
+    #   header["Content-Type"] # => "application/json"
+    #
+    # Also aliased as +headers+.
+    #
+    #   headers["Content-Type"] # => "text/plain"
+    #   headers["Content-Type"] = "application/json"
+    #   headers["Content-Type"] # => "application/json"
+    #
+    # Also aliased as +header+ for compatibility.
+    attr_reader :headers
 
-    alias_method :headers,  :header
+    alias_method :header, :headers
 
-    delegate :[], :[]=, to: :@header
+    delegate :[], :[]=, to: :@headers
 
     def each(&block)
       sending!
@@ -79,7 +81,6 @@ module ActionDispatch # :nodoc:
 
     CONTENT_TYPE = "Content-Type"
     SET_COOKIE   = "Set-Cookie"
-    LOCATION     = "Location"
     NO_CONTENT_CODES = [100, 101, 102, 103, 204, 205, 304]
 
     cattr_accessor :default_charset, default: "utf-8"
@@ -102,6 +103,12 @@ module ActionDispatch # :nodoc:
         @str_body = nil
       end
 
+      def to_ary
+        @buf.respond_to?(:to_ary) ?
+          @buf.to_ary :
+          @buf.each
+      end
+
       def body
         @str_body ||= begin
           buf = +""
@@ -117,6 +124,7 @@ module ActionDispatch # :nodoc:
         @response.commit!
         @buf.push string
       end
+      alias_method :<<, :write
 
       def each(&block)
         if @str_body
@@ -146,9 +154,9 @@ module ActionDispatch # :nodoc:
         end
     end
 
-    def self.create(status = 200, header = {}, body = [], default_headers: self.default_headers)
-      header = merge_default_headers(header, default_headers)
-      new status, header, body
+    def self.create(status = 200, headers = {}, body = [], default_headers: self.default_headers)
+      headers = merge_default_headers(headers, default_headers)
+      new status, headers, body
     end
 
     def self.merge_default_headers(original, default)
@@ -158,10 +166,14 @@ module ActionDispatch # :nodoc:
     # The underlying body, as a streamable object.
     attr_reader :stream
 
-    def initialize(status = 200, header = {}, body = [])
+    def initialize(status = 200, headers = nil, body = [])
       super()
 
-      @header = Header.new(self, header)
+      @headers = Headers.new
+
+      headers&.each do |key, value|
+        @headers[key] = value
+      end
 
       self.body, self.status = body, status
 
@@ -175,10 +187,10 @@ module ActionDispatch # :nodoc:
       yield self if block_given?
     end
 
-    def has_header?(key);   headers.key? key;   end
-    def get_header(key);    headers[key];       end
-    def set_header(key, v); headers[key] = v;   end
-    def delete_header(key); headers.delete key; end
+    def has_header?(key);   @headers.key? key;   end
+    def get_header(key);    @headers[key];       end
+    def set_header(key, v); @headers[key] = v;   end
+    def delete_header(key); @headers.delete key; end
 
     def await_commit
       synchronize do
@@ -281,7 +293,7 @@ module ActionDispatch # :nodoc:
       @status
     end
 
-    # Returns a string to ensure compatibility with <tt>Net::HTTPResponse</tt>.
+    # Returns a string to ensure compatibility with +Net::HTTPResponse+.
     def code
       @status.to_s
     end
@@ -384,7 +396,7 @@ module ActionDispatch # :nodoc:
     #   status, headers, body = *response
     def to_a
       commit!
-      rack_response @status, @header.to_hash
+      rack_response @status, @headers.to_hash
     end
     alias prepare! to_a
 
@@ -451,8 +463,7 @@ module ActionDispatch # :nodoc:
       # our last chance.
       commit! unless committed?
 
-      headers.freeze
-      request.commit_cookie_jar! unless committed?
+      @request.commit_cookie_jar! unless committed?
     end
 
     def build_buffer(response, body)
@@ -476,10 +487,6 @@ module ActionDispatch # :nodoc:
         @response = response
       end
 
-      def each(*args, &block)
-        @response.each(*args, &block)
-      end
-
       def close
         # Rack "close" maps to Response#abort, and *not* Response#close
         # (which is used when the controller's finished writing)
@@ -490,35 +497,45 @@ module ActionDispatch # :nodoc:
         @response.body
       end
 
+      BODY_METHODS = { to_ary: true, each: true, call: true, to_path: true }
+
       def respond_to?(method, include_private = false)
-        if method.to_sym == :to_path
+        if BODY_METHODS.key?(method)
           @response.stream.respond_to?(method)
         else
           super
         end
       end
 
-      def to_path
-        @response.stream.to_path
+      def to_ary
+        @response.stream.to_ary
       end
 
-      def to_ary
-        nil
+      def each(*args, &block)
+        @response.each(*args, &block)
+      end
+
+      def call(*arguments, &block)
+        @response.stream.call(*arguments, &block)
+      end
+
+      def to_path
+        @response.stream.to_path
       end
     end
 
     def handle_no_content!
       if NO_CONTENT_CODES.include?(@status)
-        @header.delete CONTENT_TYPE
-        @header.delete "Content-Length"
+        @headers.delete CONTENT_TYPE
+        @headers.delete "Content-Length"
       end
     end
 
-    def rack_response(status, header)
+    def rack_response(status, headers)
       if NO_CONTENT_CODES.include?(status)
-        [status, header, []]
+        [status, headers, []]
       else
-        [status, header, RackBody.new(self)]
+        [status, headers, RackBody.new(self)]
       end
     end
   end

data/lib/action_dispatch/http/upload.rb

@@ -2,6 +2,8 @@
 
 module ActionDispatch
   module Http
+    # = Action Dispatch HTTP \UploadedFile
+    #
     # Models uploaded files.
     #
     # The actual file is accessible via the +tempfile+ accessor, though some
@@ -28,6 +30,8 @@ module ActionDispatch
         @tempfile = hash[:tempfile]
         raise(ArgumentError, ":tempfile is required") unless @tempfile
 
+        @content_type = hash[:type]
+
         if hash[:filename]
           @original_filename = hash[:filename].dup
 
@@ -40,8 +44,17 @@ module ActionDispatch
           @original_filename = nil
         end
 
-        @content_type      = hash[:type]
-        @headers           = hash[:head]
+        if hash[:head]
+          @headers = hash[:head].dup
+
+          begin
+            @headers.encode!(Encoding::UTF_8)
+          rescue EncodingError
+            @headers.force_encoding(Encoding::UTF_8)
+          end
+        else
+          @headers = nil
+        end
       end
 
       # Shortcut for +tempfile.read+.