actionpack 2.2.2 → 2.2.3

data/CHANGELOG

@@ -1,9 +1,72 @@
-*2.2.2 [2.2 Final]*
+*2.2.3 (September 4th, 2009)*
 
-* Deprecated the :file default for ActionView#render to prepare for 2.3's new :partial default [DHH]
+* Sanitize multibyte strings before escaping them with escape_once. CVE-2009-3009
+
+* Backwards Compatibility: bring back Request#relative_url_root but deprecate it.
+
+* Rationalise the session options to one hash, prevents rack or integration tests from seeing in correct defaults. [Koz]
+
+* I18n: translate number_to_human_size. Add storage_units: [Bytes, KB, MB, GB, TB] to your translations.  #1448 [Yaroslav Markin]
+
+* Fixed the AssetTagHelper cache to use the computed asset host as part of the cache key instead of just assuming the its a string #1299 [DHH]
+
+* Make ActionController#render(string) work as a shortcut for render :file/:template/:action => string. [#1435] [Pratik Naik] Examples:
+
+  # Instead of render(:action => 'other_action')
+  render('other_action') # argument has no '/'
+  render(:other_action)
+
+  # Instead of render(:template => 'controller/action')
+  render('controller/action') # argument must not begin with a '/', but contain a '/'
+
+  # Instead of render(:file => '/Users/lifo/home.html.erb')
+  render('/Users/lifo/home.html.erb') # argument must begin with a '/'
+
+* Add :prompt option to date/time select helpers. #561 [Sam Oliver]
+
+* Fixed that send_file shouldn't set an etag #1578 [Hongli Lai]
+
+* Allow users to opt out of the spoofing checks in Request#remote_ip.  Useful for sites whose traffic regularly triggers false positives. [Darren Boyd]
+
+* Deprecated formatted_polymorphic_url.  [Jeremy Kemper]
+
+* Added the option to declare an asset_host as an object that responds to call (see http://github.com/dhh/asset-hosting-with-minimum-ssl for an example) [David Heinemeier Hansson]
+
+* Added support for multiple routes.rb files (useful for plugin engines). This also means that draw will no longer clear the route set, you have to do that by hand (shouldn't make a difference to you unless you're doing some funky stuff) [David Heinemeier Hansson]
 
+* Dropped formatted_* routes in favor of just passing in :format as an option. This cuts resource routes generation in half #1359 [aaronbatalion]
 
-*2.2.1 [RC2] (November 14th, 2008)*
+* Remove support for old double-encoded cookies from the cookie store.  These values haven't been generated since before 2.1.0, and any users who have visited the app in the intervening 6 months will have had their cookie upgraded. [Michael Koziarski]
+
+* Allow helpers directory to be overridden via ActionController::Base.helpers_dir #1424 [Sam Pohlenz]
+
+* Remove deprecated ActionController::Base#assign_default_content_type_and_charset
+
+* Changed the default of ActionView#render to assume partials instead of files when not given an options hash [David Heinemeier Hansson]. Examples:
+
+    # Instead of <%= render :partial => "account" %>
+    <%= render "account" %>
+    
+    # Instead of <%= render :partial => "account", :locals => { :account => @buyer } %>
+    <%= render "account", :account => @buyer %>
+    
+    # @account is an Account instance, so it uses the RecordIdentifier to replace
+    # <%= render :partial => "accounts/account", :locals => { :account => @account } %>
+    <%= render(@account) %>
+    
+    # @posts is an array of Post instances, so it uses the RecordIdentifier to replace
+    # <%= render :partial => "posts/post", :collection => @posts %>
+    <%= render(@posts) %>
+
+* Remove deprecated render_component. Please use the plugin from http://github.com/rails/render_component/tree/master [Pratik Naik]
+
+* Fixed RedCloth and BlueCloth shouldn't preload. Instead just assume that they're available if you want to use textilize and markdown and let autoload require them [David Heinemeier Hansson]
+>>>>>>> 49a055d... Fixed the AssetTagHelper cache to use the computed asset host as part of the cache key instead of just assuming the its a string [#1299 state:committed]:actionpack/CHANGELOG
+
+
+*2.2.2 (November 21st, 2008)*
+
+* Deprecated the :file default for ActionView#render to prepare for 2.3's new :partial default [DHH]
 
 * Restore backwards compatible functionality for setting relative_url_root.  Include deprecation
 
@@ -33,9 +96,6 @@
 
 * Fixed bug with asset timestamping when using relative_url_root #1265 [Joe Goldwasser]
 
-
-*2.2.0 [RC1] (October 24th, 2008)*
-
 * Fix incorrect closing CDATA delimiter and that HTML::Node.parse would blow up on unclosed CDATA sections [packagethief]
 
 * Added stale? and fresh_when methods to provide a layer of abstraction above request.fresh? and friends [DHH]. Example:

data/Rakefile

@@ -80,7 +80,7 @@ spec = Gem::Specification.new do |s|
   s.has_rdoc = true
   s.requirements << 'none'
 
-  s.add_dependency('activesupport', '= 2.2.2' + PKG_BUILD)
+  s.add_dependency('activesupport', '= 2.2.3' + PKG_BUILD)
 
   s.require_path = 'lib'
   s.autorequire = 'action_controller'

data/lib/action_controller/base.rb

@@ -1164,6 +1164,9 @@ module ActionController #:nodoc:
       def reset_session #:doc:
         request.reset_session
         @_session = request.session
+        #http://rails.lighthouseapp.com/projects/8994/tickets/1558-memory-problem-on-reset_session-in-around_filter#ticket-1558-1
+        #MRI appears to have a GC related memory leak to do with the finalizer that is defined on CGI::Session 
+        ObjectSpace.undefine_finalizer(@_session)
         response.session = @_session
       end
 

data/lib/action_controller/dispatcher.rb

@@ -10,6 +10,8 @@ module ActionController
           # Development mode callbacks
           before_dispatch :reload_application
           after_dispatch :cleanup_application
+
+          ActionView::Helpers::AssetTagHelper.cache_asset_timestamps = false
         end
 
         # Common callbacks
@@ -147,7 +149,6 @@ module ActionController
 
       Routing::Routes.reload
       ActionController::Base.view_paths.reload!
-      ActionView::Helpers::AssetTagHelper::AssetTag::Cache.clear
     end
 
     # Cleanup the application by clearing out loaded classes so they can

data/lib/action_controller/rack_process.rb

@@ -1,5 +1,6 @@
 require 'action_controller/cgi_ext'
 require 'action_controller/session/cookie_store'
+require 'action_controller/cgi_process'
 
 module ActionController #:nodoc:
   class RackRequest < AbstractRequest #:nodoc:
@@ -9,14 +10,7 @@ module ActionController #:nodoc:
     class SessionFixationAttempt < StandardError #:nodoc:
     end
 
-    DEFAULT_SESSION_OPTIONS = {
-      :database_manager => CGI::Session::CookieStore, # store data in cookie
-      :prefix           => "ruby_sess.",    # prefix session file names
-      :session_path     => "/",             # available to all paths in app
-      :session_key      => "_session_id",
-      :cookie_only      => true,
-      :session_http_only=> true
-    }
+    DEFAULT_SESSION_OPTIONS = ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS
 
     def initialize(env, session_options = DEFAULT_SESSION_OPTIONS)
       @session_options = session_options

data/lib/action_controller/request.rb

@@ -305,6 +305,15 @@ EOM
         else 80
       end
     end
+    
+    # Returns the value of ActionController::Base.relative_url_root.  This method is 
+    # deprecated as the value is an application wide setting, not something which
+    # changes per request.
+    def relative_url_root
+      ActiveSupport::Deprecation.warn(
+        "relative_url_root is now set application-wide, use ActionController::Base.relative_url_root instead.", caller)
+      ActionController::Base.relative_url_root
+    end
 
     # Returns a \port suffix like ":8080" if the \port number of this request
     # is not the default HTTP \port 80 or HTTPS \port 443.

data/lib/action_controller/resources.rb

@@ -535,9 +535,9 @@ module ActionController
 
         with_options :controller => resource.controller do |map|
           map_collection_actions(map, resource)
-          map_default_singleton_actions(map, resource)
           map_new_actions(map, resource)
           map_member_actions(map, resource)
+          map_default_singleton_actions(map, resource)
 
           map_associations(resource, options)
 

data/lib/action_controller/routing/route_set.rb

@@ -136,9 +136,13 @@ module ActionController
             end
           end
 
+          def named_helper_module_eval(code, *args)
+            @module.module_eval(code, *args)
+          end
+
           def define_hash_access(route, name, kind, options)
             selector = hash_access_name(name, kind)
-            @module.module_eval <<-end_eval # We use module_eval to avoid leaks
+            named_helper_module_eval <<-end_eval # We use module_eval to avoid leaks
               def #{selector}(options = nil)
                 options ? #{options.inspect}.merge(options) : #{options.inspect}
               end
@@ -166,7 +170,7 @@ module ActionController
             #
             #   foo_url(bar, baz, bang, :sort_by => 'baz')
             #
-            @module.module_eval <<-end_eval # We use module_eval to avoid leaks
+            named_helper_module_eval <<-end_eval # We use module_eval to avoid leaks
               def #{selector}(*args)
 
                 #{generate_optimisation_block(route, kind)}

data/lib/action_controller/routing/segments.rb

@@ -3,7 +3,11 @@ module ActionController
     class Segment #:nodoc:
       RESERVED_PCHAR = ':@&=+$,;'
       SAFE_PCHAR = "#{URI::REGEXP::PATTERN::UNRESERVED}#{RESERVED_PCHAR}"
-      UNSAFE_PCHAR = Regexp.new("[^#{SAFE_PCHAR}]", false, 'N').freeze
+      if RUBY_VERSION >= '1.9'
+        UNSAFE_PCHAR = Regexp.new("[^#{SAFE_PCHAR}]", false).freeze
+      else
+        UNSAFE_PCHAR = Regexp.new("[^#{SAFE_PCHAR}]", false, 'N').freeze
+      end
 
       # TODO: Convert :is_optional accessor to read only
       attr_accessor :is_optional
@@ -191,23 +195,19 @@ module ActionController
       end
 
       def regexp_chunk
-        if regexp
-          if regexp_has_modifiers?
-            "(#{regexp.to_s})"
-          else
-            "(#{regexp.source})"
-          end
-        else
-          "([^#{Routing::SEPARATORS.join}]+)"
-        end
+        regexp ? regexp_string : default_regexp_chunk
+      end
+
+      def regexp_string
+        regexp_has_modifiers? ? "(#{regexp.to_s})" : "(#{regexp.source})"
+      end
+
+      def default_regexp_chunk
+        "([^#{Routing::SEPARATORS.join}]+)"
       end
 
       def number_of_captures
-        if regexp
-          regexp.number_of_captures + 1
-        else
-          1
-        end
+        regexp ? regexp.number_of_captures + 1 : 1
       end
 
       def build_pattern(pattern)
@@ -244,10 +244,6 @@ module ActionController
         "(?i-:(#{(regexp || Regexp.union(*possible_names)).source}))"
       end
 
-      def number_of_captures
-        1
-      end
-
       # Don't URI.escape the controller name since it may contain slashes.
       def interpolation_chunk(value_code = local_name)
         "\#{#{value_code}.to_s}"
@@ -289,8 +285,8 @@ module ActionController
         "params[:#{key}] = PathSegment::Result.new_escaped((match[#{next_capture}]#{" || " + default.inspect if default}).split('/'))#{" if match[" + next_capture + "]" if !default}"
       end
 
-      def regexp_chunk
-        regexp || "(.*)"
+      def default_regexp_chunk
+        "(.*)"
       end
 
       def number_of_captures

data/lib/action_controller/session/cookie_store.rb

@@ -140,7 +140,7 @@ class CGI::Session::CookieStore
         data, digest = cookie.split('--')
 
         # Do two checks to transparently support old double-escaped data.
-        unless digest == generate_digest(data) || digest == generate_digest(data = CGI.unescape(data))
+        unless secure_compare(digest, generate_digest(data)) || secure_compare(digest, generate_digest(data = CGI.unescape(data)))
           delete
           raise TamperedWithCookie
         end
@@ -164,4 +164,36 @@ class CGI::Session::CookieStore
     def clear_old_cookie_value
       @session.cgi.cookies[@cookie_options['name']].clear
     end
+    
+    if "foo".respond_to?(:force_encoding)
+      # constant-time comparison algorithm to prevent timing attacks
+      def secure_compare(a, b)
+        a = a.dup.force_encoding(Encoding::BINARY)
+        b = b.dup.force_encoding(Encoding::BINARY)
+    
+        if a.length == b.length
+          result = 0
+          for i in 0..(a.length - 1)
+            result |= a[i].ord ^ b[i].ord
+          end
+          result == 0
+        else
+          false
+        end
+      end
+    else
+      # For 1.8
+      def secure_compare(a, b)
+        if a.length == b.length
+          result = 0
+          for i in 0..(a.length - 1)
+            result |= a[i] ^ b[i]
+          end
+          result == 0
+        else
+          false
+        end
+      end
+    end
+
 end

data/lib/action_pack/version.rb

@@ -2,7 +2,7 @@ module ActionPack #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 2
     MINOR = 2
-    TINY  = 2
+    TINY  = 3
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/lib/action_view/base.rb

@@ -320,6 +320,8 @@ module ActionView #:nodoc:
         # OPTIMIZE: Checks to lookup template in view path
         if template = self.view_paths["#{template_file_name}.#{template_format}"]
           template
+        elsif template_file_extension && template = self.view_paths["#{template_file_name}.#{template_file_extension}"]
+          template
         elsif template = self.view_paths[template_file_name]
           template
         elsif (first_render = @_render_stack.first) && first_render.respond_to?(:format_and_extension) &&

data/lib/action_view/helpers/asset_tag_helper.rb

@@ -151,7 +151,7 @@ module ActionView
       #   javascript_path "http://www.railsapplication.com/js/xmlhr" # => http://www.railsapplication.com/js/xmlhr.js
       #   javascript_path "http://www.railsapplication.com/js/xmlhr.js" # => http://www.railsapplication.com/js/xmlhr.js
       def javascript_path(source)
-        JavaScriptTag.new(self, @controller, source).public_path
+        compute_public_path(source, 'javascripts', 'js')
       end
       alias_method :path_to_javascript, :javascript_path # aliased to avoid conflicts with a javascript_path named route
 
@@ -249,17 +249,15 @@ module ActionView
           joined_javascript_name = (cache == true ? "all" : cache) + ".js"
           joined_javascript_path = File.join(JAVASCRIPTS_DIR, joined_javascript_name)
 
-          unless File.exists?(joined_javascript_path)
-            JavaScriptSources.create(self, @controller, sources, recursive).write_asset_file_contents(joined_javascript_path)
-          end
+          write_asset_file_contents(joined_javascript_path, compute_javascript_paths(sources, recursive)) unless File.exists?(joined_javascript_path)
           javascript_src_tag(joined_javascript_name, options)
         else
-          JavaScriptSources.create(self, @controller, sources, recursive).expand_sources.collect { |source|
-            javascript_src_tag(source, options)
-          }.join("\n")
+          expand_javascript_sources(sources, recursive).collect { |source| javascript_src_tag(source, options) }.join("\n")
         end
       end
 
+      @@javascript_expansions = { :defaults => JAVASCRIPT_DEFAULT_SOURCES.dup }
+
       # Register one or more javascript files to be included when <tt>symbol</tt>
       # is passed to <tt>javascript_include_tag</tt>. This method is typically intended
       # to be called from plugin initialization to register javascript files
@@ -272,9 +270,11 @@ module ActionView
       #     <script type="text/javascript" src="/javascripts/body.js"></script>
       #     <script type="text/javascript" src="/javascripts/tail.js"></script>
       def self.register_javascript_expansion(expansions)
-        JavaScriptSources.expansions.merge!(expansions)
+        @@javascript_expansions.merge!(expansions)
       end
 
+      @@stylesheet_expansions = {}
+
       # Register one or more stylesheet files to be included when <tt>symbol</tt>
       # is passed to <tt>stylesheet_link_tag</tt>. This method is typically intended
       # to be called from plugin initialization to register stylesheet files
@@ -287,7 +287,7 @@ module ActionView
       #     <link href="/stylesheets/body.css"  media="screen" rel="stylesheet" type="text/css" />
       #     <link href="/stylesheets/tail.css"  media="screen" rel="stylesheet" type="text/css" />
       def self.register_stylesheet_expansion(expansions)
-        StylesheetSources.expansions.merge!(expansions)
+        @@stylesheet_expansions.merge!(expansions)
       end
 
       # Register one or more additional JavaScript files to be included when
@@ -295,11 +295,11 @@ module ActionView
       # typically intended to be called from plugin initialization to register additional
       # .js files that the plugin installed in <tt>public/javascripts</tt>.
       def self.register_javascript_include_default(*sources)
-        JavaScriptSources.expansions[:defaults].concat(sources)
+        @@javascript_expansions[:defaults].concat(sources)
       end
 
       def self.reset_javascript_include_default #:nodoc:
-        JavaScriptSources.expansions[:defaults] = JAVASCRIPT_DEFAULT_SOURCES.dup
+        @@javascript_expansions[:defaults] = JAVASCRIPT_DEFAULT_SOURCES.dup
       end
 
       # Computes the path to a stylesheet asset in the public stylesheets directory.
@@ -314,7 +314,7 @@ module ActionView
       #   stylesheet_path "http://www.railsapplication.com/css/style" # => http://www.railsapplication.com/css/style.css
       #   stylesheet_path "http://www.railsapplication.com/css/style.js" # => http://www.railsapplication.com/css/style.css
       def stylesheet_path(source)
-        StylesheetTag.new(self, @controller, source).public_path
+        compute_public_path(source, 'stylesheets', 'css')
       end
       alias_method :path_to_stylesheet, :stylesheet_path # aliased to avoid conflicts with a stylesheet_path named route
 
@@ -389,14 +389,10 @@ module ActionView
           joined_stylesheet_name = (cache == true ? "all" : cache) + ".css"
           joined_stylesheet_path = File.join(STYLESHEETS_DIR, joined_stylesheet_name)
 
-          unless File.exists?(joined_stylesheet_path)
-            StylesheetSources.create(self, @controller, sources, recursive).write_asset_file_contents(joined_stylesheet_path)
-          end
+          write_asset_file_contents(joined_stylesheet_path, compute_stylesheet_paths(sources, recursive)) unless File.exists?(joined_stylesheet_path)
           stylesheet_tag(joined_stylesheet_name, options)
         else
-          StylesheetSources.create(self, @controller, sources, recursive).expand_sources.collect { |source|
-            stylesheet_tag(source, options)
-          }.join("\n")
+          expand_stylesheet_sources(sources, recursive).collect { |source| stylesheet_tag(source, options) }.join("\n")
         end
       end
 
@@ -411,7 +407,7 @@ module ActionView
       #   image_path("/icons/edit.png")                              # => /icons/edit.png
       #   image_path("http://www.railsapplication.com/img/edit.png") # => http://www.railsapplication.com/img/edit.png
       def image_path(source)
-        ImageTag.new(self, @controller, source).public_path
+        compute_public_path(source, 'images')
       end
       alias_method :path_to_image, :image_path # aliased to avoid conflicts with an image_path named route
 
@@ -466,352 +462,190 @@ module ActionView
         tag("img", options)
       end
 
-      private
-        def javascript_src_tag(source, options)
-          content_tag("script", "", { "type" => Mime::JS, "src" => path_to_javascript(source) }.merge(options))
-        end
-
-        def stylesheet_tag(source, options)
-          tag("link", { "rel" => "stylesheet", "type" => Mime::CSS, "media" => "screen", "href" => html_escape(path_to_stylesheet(source)) }.merge(options), false, false)
-        end
-
-        module ImageAsset
-          DIRECTORY = 'images'.freeze
-
-          def directory
-            DIRECTORY
-          end
-
-          def extension
-            nil
-          end
-        end
-
-        module JavaScriptAsset
-          DIRECTORY = 'javascripts'.freeze
-          EXTENSION = 'js'.freeze
-
-          def public_directory
-            JAVASCRIPTS_DIR
-          end
-
-          def directory
-            DIRECTORY
-          end
+      def self.cache_asset_timestamps
+        @@cache_asset_timestamps
+      end
 
-          def extension
-            EXTENSION
-          end
-        end
+      # You can enable or disable the asset tag timestamps cache.
+      # With the cache enabled, the asset tag helper methods will make fewer
+      # expense file system calls. However this prevents you from modifying
+      # any asset files while the server is running.
+      #
+      #   ActionView::Helpers::AssetTagHelper.cache_asset_timestamps = false
+      def self.cache_asset_timestamps=(value)
+        @@cache_asset_timestamps = value
+      end
 
-        module StylesheetAsset
-          DIRECTORY = 'stylesheets'.freeze
-          EXTENSION = 'css'.freeze
+      @@cache_asset_timestamps = true
 
-          def public_directory
-            STYLESHEETS_DIR
+      private
+        # Add the the extension +ext+ if not present. Return full URLs otherwise untouched.
+        # Prefix with <tt>/dir/</tt> if lacking a leading +/+. Account for relative URL
+        # roots. Rewrite the asset path for cache-busting asset ids. Include
+        # asset host, if configured, with the correct request protocol.
+        def compute_public_path(source, dir, ext = nil, include_host = true)
+          has_request = @controller.respond_to?(:request)
+
+          if ext && (File.extname(source).blank? || File.exist?(File.join(ASSETS_DIR, dir, "#{source}.#{ext}")))
+            source += ".#{ext}"
           end
 
-          def directory
-            DIRECTORY
-          end
+          unless source =~ %r{^[-a-z]+://}
+            source = "/#{dir}/#{source}" unless source[0] == ?/
 
-          def extension
-            EXTENSION
-          end
-        end
+            source = rewrite_asset_path(source)
 
-        class AssetTag
-          extend ActiveSupport::Memoizable
-
-          Cache = {}
-          CacheGuard = Mutex.new
-
-          ProtocolRegexp = %r{^[-a-z]+://}.freeze
-
-          def initialize(template, controller, source, include_host = true)
-            # NOTE: The template arg is temporarily needed for a legacy plugin
-            # hook that is expected to call rewrite_asset_path on the
-            # template. This should eventually be removed.
-            @template = template
-            @controller = controller
-            @source = source
-            @include_host = include_host
-            @cache_key = if controller.respond_to?(:request)
-              [self.class.name,controller.request.protocol,
-               ActionController::Base.asset_host,
-               ActionController::Base.relative_url_root,
-               source, include_host]
-            else
-              [self.class.name,ActionController::Base.asset_host, source, include_host]
+            if has_request && include_host
+              unless source =~ %r{^#{ActionController::Base.relative_url_root}/}
+                source = "#{ActionController::Base.relative_url_root}#{source}"
+              end
             end
           end
-          
-          def public_path
-            compute_public_path(@source)
-          end
-          memoize :public_path
 
-          def asset_file_path
-            File.join(ASSETS_DIR, public_path.split('?').first)
-          end
-          memoize :asset_file_path
-
-          def contents
-            File.read(asset_file_path)
-          end
-
-          def mtime
-            File.mtime(asset_file_path)
-          end
-
-          private
-            def request
-              @controller.request
-            end
+          if include_host && source !~ %r{^[-a-z]+://}
+            host = compute_asset_host(source)
 
-            def request?
-              @controller.respond_to?(:request)
+            if has_request && !host.blank? && host !~ %r{^[-a-z]+://}
+              host = "#{@controller.request.protocol}#{host}"
             end
 
-            # Add the the extension +ext+ if not present. Return full URLs otherwise untouched.
-            # Prefix with <tt>/dir/</tt> if lacking a leading +/+. Account for relative URL
-            # roots. Rewrite the asset path for cache-busting asset ids. Include
-            # asset host, if configured, with the correct request protocol.
-            def compute_public_path(source)
-              if source =~ ProtocolRegexp
-                source += ".#{extension}" if missing_extension?(source)
-                source = prepend_asset_host(source)
-                source
-              else
-                CacheGuard.synchronize do
-                  Cache[@cache_key] ||= begin
-                    source += ".#{extension}" if missing_extension?(source) || file_exists_with_extension?(source)
-                    source = "/#{directory}/#{source}" unless source[0] == ?/
-                    source = rewrite_asset_path(source)
-                    source = prepend_relative_url_root(source)                
-                    source = prepend_asset_host(source)
-                    source
-                  end
-                end
-              end
-            end
-            
-            def missing_extension?(source)
-              extension && File.extname(source).blank?
-            end
-            
-            def file_exists_with_extension?(source)
-              extension && File.exist?(File.join(ASSETS_DIR, directory, "#{source}.#{extension}"))
-            end
-            
-            def prepend_relative_url_root(source)
-              relative_url_root = ActionController::Base.relative_url_root
-              if request? && @include_host && source !~ %r{^#{relative_url_root}/}
-                "#{relative_url_root}#{source}"
-              else
-                source
-              end
-            end
+            "#{host}#{source}"
+          else
+            source
+          end
+        end
 
-            def prepend_asset_host(source)
-              if @include_host && source !~ ProtocolRegexp
-                host = compute_asset_host(source)
-                if request? && !host.blank? && host !~ ProtocolRegexp
-                  host = "#{request.protocol}#{host}"
-                end
-                "#{host}#{source}"
+        # Pick an asset host for this source. Returns +nil+ if no host is set,
+        # the host if no wildcard is set, the host interpolated with the
+        # numbers 0-3 if it contains <tt>%d</tt> (the number is the source hash mod 4),
+        # or the value returned from invoking the proc if it's a proc or the value from
+        # invoking call if it's an object responding to call.
+        def compute_asset_host(source)
+          if host = ActionController::Base.asset_host
+            if host.is_a?(Proc) || host.respond_to?(:call)
+              case host.is_a?(Proc) ? host.arity : host.method(:call).arity
+              when 2
+                request = @controller.respond_to?(:request) && @controller.request
+                host.call(source, request)
               else
-                source
-              end
-            end
-
-            # Pick an asset host for this source. Returns +nil+ if no host is set,
-            # the host if no wildcard is set, the host interpolated with the
-            # numbers 0-3 if it contains <tt>%d</tt> (the number is the source hash mod 4),
-            # or the value returned from invoking the proc if it's a proc.
-            def compute_asset_host(source)
-              if host = ActionController::Base.asset_host
-                if host.is_a?(Proc)
-                  case host.arity
-                  when 2
-                    host.call(source, request)
-                  else
-                    host.call(source)
-                  end
-                else
-                  (host =~ /%d/) ? host % (source.hash % 4) : host
-                end
+                host.call(source)
               end
+            else
+              (host =~ /%d/) ? host % (source.hash % 4) : host
             end
+          end
+        end
 
-            # Use the RAILS_ASSET_ID environment variable or the source's
-            # modification time as its cache-busting asset id.
-            def rails_asset_id(source)
-              if asset_id = ENV["RAILS_ASSET_ID"]
-                asset_id
-              else
-                path = File.join(ASSETS_DIR, source)
+        @@asset_timestamps_cache = {}
+        @@asset_timestamps_cache_guard = Mutex.new
+
+        # Use the RAILS_ASSET_ID environment variable or the source's
+        # modification time as its cache-busting asset id.
+        def rails_asset_id(source)
+          if asset_id = ENV["RAILS_ASSET_ID"]
+            asset_id
+          else
+            if @@cache_asset_timestamps && (asset_id = @@asset_timestamps_cache[source])
+              asset_id
+            else
+              path = File.join(ASSETS_DIR, source)
+              asset_id = File.exist?(path) ? File.mtime(path).to_i.to_s : ''
 
-                if File.exist?(path)
-                  File.mtime(path).to_i.to_s
-                else
-                  ''
+              if @@cache_asset_timestamps
+                @@asset_timestamps_cache_guard.synchronize do
+                  @@asset_timestamps_cache[source] = asset_id
                 end
               end
-            end
 
-            # Break out the asset path rewrite in case plugins wish to put the asset id
-            # someplace other than the query string.
-            def rewrite_asset_path(source)
-              if @template.respond_to?(:rewrite_asset_path)
-                # DEPRECATE: This way to override rewrite_asset_path
-                @template.send(:rewrite_asset_path, source)
-              else
-                asset_id = rails_asset_id(source)
-                if asset_id.blank?
-                  source
-                else
-                  "#{source}?#{asset_id}"
-                end
-              end
+              asset_id
             end
+          end
         end
 
-        class ImageTag < AssetTag
-          include ImageAsset
+        # Break out the asset path rewrite in case plugins wish to put the asset id
+        # someplace other than the query string.
+        def rewrite_asset_path(source)
+          asset_id = rails_asset_id(source)
+          if asset_id.blank?
+            source
+          else
+            source + "?#{asset_id}"
+          end
         end
 
-        class JavaScriptTag < AssetTag
-          include JavaScriptAsset
+        def javascript_src_tag(source, options)
+          content_tag("script", "", { "type" => Mime::JS, "src" => path_to_javascript(source) }.merge(options))
         end
 
-        class StylesheetTag < AssetTag
-          include StylesheetAsset
+        def stylesheet_tag(source, options)
+          tag("link", { "rel" => "stylesheet", "type" => Mime::CSS, "media" => "screen", "href" => html_escape(path_to_stylesheet(source)) }.merge(options), false, false)
         end
 
-        class AssetCollection
-          extend ActiveSupport::Memoizable
-
-          Cache = {}
-          CacheGuard = Mutex.new
-
-          def self.create(template, controller, sources, recursive)
-            CacheGuard.synchronize do
-              key = [self, sources, recursive]
-              Cache[key] ||= new(template, controller, sources, recursive).freeze
-            end
-          end
+        def compute_javascript_paths(*args)
+          expand_javascript_sources(*args).collect { |source| compute_public_path(source, 'javascripts', 'js', false) }
+        end
 
-          def initialize(template, controller, sources, recursive)
-            # NOTE: The template arg is temporarily needed for a legacy plugin
-            # hook. See NOTE under AssetTag#initialize for more details
-            @template = template
-            @controller = controller
-            @sources = sources
-            @recursive = recursive
-          end
+        def compute_stylesheet_paths(*args)
+          expand_stylesheet_sources(*args).collect { |source| compute_public_path(source, 'stylesheets', 'css', false) }
+        end
 
-          def write_asset_file_contents(joined_asset_path)
-            FileUtils.mkdir_p(File.dirname(joined_asset_path))
-            File.open(joined_asset_path, "w+") { |cache| cache.write(joined_contents) }
-            mt = latest_mtime
-            File.utime(mt, mt, joined_asset_path)
+        def expand_javascript_sources(sources, recursive = false)
+          if sources.include?(:all)
+            all_javascript_files = collect_asset_files(JAVASCRIPTS_DIR, ('**' if recursive), '*.js')
+            ((determine_source(:defaults, @@javascript_expansions).dup & all_javascript_files) + all_javascript_files).uniq
+          else
+            expanded_sources = sources.collect do |source|
+              determine_source(source, @@javascript_expansions)
+            end.flatten
+            expanded_sources << "application" if sources.include?(:defaults) && File.exist?(File.join(JAVASCRIPTS_DIR, "application.js"))
+            expanded_sources
           end
-
-          private
-            def determine_source(source, collection)
-              case source
-              when Symbol
-                collection[source] || raise(ArgumentError, "No expansion found for #{source.inspect}")
-              else
-                source
-              end
-            end
-
-            def validate_sources!
-              @sources.collect { |source| determine_source(source, self.class.expansions) }.flatten
-            end
-
-            def all_asset_files
-              path = [public_directory, ('**' if @recursive), "*.#{extension}"].compact
-              Dir[File.join(*path)].collect { |file|
-                file[-(file.size - public_directory.size - 1)..-1].sub(/\.\w+$/, '')
-              }.sort
-            end
-
-            def tag_sources
-              expand_sources.collect { |source| tag_class.new(@template, @controller, source, false) }
-            end
-
-            def joined_contents
-              tag_sources.collect { |source| source.contents }.join("\n\n")
-            end
-
-            # Set mtime to the latest of the combined files to allow for
-            # consistent ETag without a shared filesystem.
-            def latest_mtime
-              tag_sources.map { |source| source.mtime }.max
-            end
         end
 
-        class JavaScriptSources < AssetCollection
-          include JavaScriptAsset
-
-          EXPANSIONS = { :defaults => JAVASCRIPT_DEFAULT_SOURCES.dup }
-
-          def self.expansions
-            EXPANSIONS
+        def expand_stylesheet_sources(sources, recursive)
+          if sources.first == :all
+            collect_asset_files(STYLESHEETS_DIR, ('**' if recursive), '*.css')
+          else
+            sources.collect do |source|
+              determine_source(source, @@stylesheet_expansions)
+            end.flatten
           end
+        end
 
-          APPLICATION_JS = "application".freeze
-          APPLICATION_FILE = "application.js".freeze
-
-          def expand_sources
-            if @sources.include?(:all)
-              assets = all_asset_files
-              ((defaults.dup & assets) + assets).uniq!
-            else
-              expanded_sources = validate_sources!
-              expanded_sources << APPLICATION_JS if include_application?
-              expanded_sources
-            end
+        def determine_source(source, collection)
+          case source
+          when Symbol
+            collection[source] || raise(ArgumentError, "No expansion found for #{source.inspect}")
+          else
+            source
           end
-          memoize :expand_sources
-
-          private
-            def tag_class
-              JavaScriptTag
-            end
-
-            def defaults
-              determine_source(:defaults, self.class.expansions)
-            end
+        end
 
-            def include_application?
-              @sources.include?(:defaults) && File.exist?(File.join(JAVASCRIPTS_DIR, APPLICATION_FILE))
-            end
+        def join_asset_file_contents(paths)
+          paths.collect { |path| File.read(asset_file_path(path)) }.join("\n\n")
         end
 
-        class StylesheetSources < AssetCollection
-          include StylesheetAsset
+        def write_asset_file_contents(joined_asset_path, asset_paths)
+          FileUtils.mkdir_p(File.dirname(joined_asset_path))
+          File.open(joined_asset_path, "w+") { |cache| cache.write(join_asset_file_contents(asset_paths)) }
 
-          EXPANSIONS = {}
+          # Set mtime to the latest of the combined files to allow for
+          # consistent ETag without a shared filesystem.
+          mt = asset_paths.map { |p| File.mtime(asset_file_path(p)) }.max
+          File.utime(mt, mt, joined_asset_path)
+        end
 
-          def self.expansions
-            EXPANSIONS
-          end
+        def asset_file_path(path)
+          File.join(ASSETS_DIR, path.split('?').first)
+        end
 
-          def expand_sources
-            @sources.first == :all ? all_asset_files : validate_sources!
-          end
-          memoize :expand_sources
+        def collect_asset_files(*path)
+          dir = path.first
 
-          private
-            def tag_class
-              StylesheetTag
-            end
+          Dir[File.join(*path.compact)].collect do |file|
+            file[-(file.size - dir.size - 1)..-1].sub(/\.\w+$/, '')
+          end.sort
         end
     end
   end
-end
+end