actionpack 4.1.1 → 4.1.2.rc1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e696e9aea917e1a7a0ce12cc8e365682a661c6d8
+  data.tar.gz: d259d80f6c29728ab611c9d01087415e19a82f46
+SHA512:
+  metadata.gz: 631a18596b298cd0f1655d001994579bcc17297cdf47a2304474852fb4f43976116b47ffaf21fe6836c75148fcbb90c074bb85fa27ddfde4bf0bf76aeba58326
+  data.tar.gz: b794e4f3045572405883896d1bbe6aab5006cd376c057326aa7d8fef5d2bb083ecfd990bb851904f931df858e250ec217463358a7fd7ae09a8dced8ac6042965

data/CHANGELOG.md

@@ -1,3 +1,77 @@
+## Rails 4.1.2 (May 27, 2014) ##
+
+*   Fix URL generation with `:trailing_slash` such that it does not add
+    a trailing slash after `.:format`
+
+    *Dan Langevin*
+
+*   Fixed an issue with migrating legacy json cookies.
+
+    Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming
+    cookies are marshal-encoded. This is not the case when `secret_token` is
+    used in conjunction with the `:json` or `:hybrid` serializer.
+
+    In those case, when upgrading to use `secret_key_base`, this would cause a
+    `TypeError: incompatible marshal file format` and a 500 error for the user.
+
+    Fixes #14774.
+
+    *Godfrey Chan*
+
+*   `http_basic_authenticate_with` only check the autentication if the schema is
+    `Basic`.
+
+    Fixes #10257.
+
+    *tomykaira*
+
+*   Fix `'Stack level too deep'` when rendering `head :ok` in an action method
+    called 'status' in a controller.
+
+    Fixes #13905.
+
+    *Christiaan Van den Poel*
+
+*   Always use the provided port if the protocol is relative.
+
+    Fixes #15043.
+
+    *Guilherme Cavalcanti*, *Andrew White*
+
+*   Append link to bad code to backtrace when exception is `SyntaxError`.
+
+    *Boris Kuznetsov*
+
+*   Make URL escaping more consistent:
+
+    1. Escape '%' characters in URLs - only unescaped data should be passed to URL helpers
+    2. Add an `escape_segment` helper to `Router::Utils` that escapes '/' characters
+    3. Use `escape_segment` rather than `escape_fragment` in optimized URL generation
+    4. Use `escape_segment` rather than `escape_path` in URL generation
+
+    For point 4 there are two exceptions. Firstly, when a route uses wildcard segments
+    (e.g. `*foo`) then we use `escape_path` as the value may contain '/' characters. This
+    means that wildcard routes can't be optimized. Secondly, if a `:controller` segment
+    is used in the path then this uses `escape_path` as the controller may be namespaced.
+
+    Fixes #14629, #14636 and #14070.
+
+    *Andrew White*, *Edho Arief*
+
+*   Returns null type format when format is not know and controller is using `any`
+    format block.
+
+    Fixes #14462.
+
+    *Rafael Mendonça França*
+
+*   Only make deeply nested routes shallow when parent is shallow.
+
+    Fixes #14684.
+
+    *Andrew White*, *James Coglan*
+
+
 ## Rails 4.1.1 (May 6, 2014) ##
 
 *   Only accept actions without File::SEPARATOR in the name.
@@ -18,6 +92,17 @@
 
     *Vishal Lal*
 
+*   The method `shallow?` returns false if the parent resource is a singleton so
+    we need to check if we're not inside a nested scope before copying the :path
+    and :as options to their shallow equivalents.
+
+    Fixes #14388.
+
+    *Andrew White*
+
+
+## Rails 4.1.0 (April 8, 2014) ##
+
 *   Fix URL generation in controller tests with request-dependent
     `default_url_options` methods.
 

data/lib/abstract_controller/rendering.rb

@@ -106,7 +106,9 @@ module AbstractController
     def _normalize_render(*args, &block)
       options = _normalize_args(*args, &block)
       #TODO: remove defined? when we restore AP <=> AV dependency
-      options[:variant] = request.variant if defined?(request) && request.variant.present?
+      if defined?(request) && request && request.variant.present?
+        options[:variant] = request.variant
+      end
       _normalize_options(options)
       options
     end

data/lib/action_controller/metal.rb

@@ -70,7 +70,8 @@ module ActionController
   # can do the following:
   #
   #   class HelloController < ActionController::Metal
-  #     include ActionController::Rendering
+  #     include AbstractController::Rendering
+  #     include ActionView::Layouts
   #     append_view_path "#{Rails.root}/app/views"
   #
   #     def index
@@ -231,5 +232,9 @@ module ActionController
         new.dispatch(name, klass.new(env))
       end
     end
+
+    def _status_code
+      @_status
+    end
   end
 end

data/lib/action_controller/metal/head.rb

@@ -27,7 +27,7 @@ module ActionController
       self.status = status
       self.location = url_for(location) if location
 
-      if include_content?(self.status)
+      if include_content?(self._status_code)
         self.content_type = content_type || (Mime[formats.first] if formats)
         self.response.charset = false if self.response
         self.response_body = " "

data/lib/action_controller/metal/http_authentication.rb

@@ -90,17 +90,29 @@ module ActionController
       end
 
       def authenticate(request, &login_procedure)
-        unless request.authorization.blank?
+        if has_basic_credentials?(request)
           login_procedure.call(*user_name_and_password(request))
         end
       end
 
+      def has_basic_credentials?(request)
+        request.authorization.present? && (auth_scheme(request) == 'Basic')
+      end
+
       def user_name_and_password(request)
-        decode_credentials(request).split(/:/, 2)
+        decode_credentials(request).split(':', 2)
       end
 
       def decode_credentials(request)
-        ::Base64.decode64(request.authorization.split(' ', 2).last || '')
+        ::Base64.decode64(auth_param(request) || '')
+      end
+
+      def auth_scheme(request)
+        request.authorization.split(' ', 2).first
+      end
+
+      def auth_param(request)
+        request.authorization.split(' ', 2).second
       end
 
       def encode_credentials(user_name, password)

data/lib/action_controller/metal/rack_delegation.rb

@@ -6,7 +6,7 @@ module ActionController
     extend ActiveSupport::Concern
 
     delegate :headers, :status=, :location=, :content_type=,
-             :status, :location, :content_type, :to => "@_response"
+             :status, :location, :content_type, :_status_code, :to => "@_response"
 
     def dispatch(action, request)
       set_response!(request)

data/lib/action_controller/metal/strong_parameters.rb

@@ -502,7 +502,7 @@ module ActionController
   #       end
   #   end
   #
-  # In order to use <tt>accepts_nested_attribute_for</tt> with Strong \Parameters, you
+  # In order to use <tt>accepts_nested_attributes_for</tt> with Strong \Parameters, you
   # will need to specify which nested attributes should be whitelisted.
   #
   #   class Person

data/lib/action_dispatch/http/headers.rb

@@ -26,7 +26,9 @@ module ActionDispatch
         @env[env_name(key)] = value
       end
 
-      def key?(key); @env.key? key; end
+      def key?(key)
+        @env.key? env_name(key)
+      end
       alias :include? :key?
 
       def fetch(key, *args, &block)

data/lib/action_dispatch/http/mime_negotiation.rb

@@ -129,7 +129,7 @@ module ActionDispatch
           end
         end
 
-        order.include?(Mime::ALL) ? formats.first : nil
+        order.include?(Mime::ALL) ? format : nil
       end
 
       protected

data/lib/action_dispatch/http/mime_type.rb

@@ -174,7 +174,7 @@ module Mime
       end
 
       def parse(accept_header)
-        if accept_header !~ /,/
+        if !accept_header.include?(',')
           accept_header = accept_header.split(PARAMETER_SEPARATOR_REGEXP).first
           parse_trailing_star(accept_header) || [Mime::Type.lookup(accept_header)].compact
         else

data/lib/action_dispatch/http/response.rb

@@ -296,6 +296,9 @@ module ActionDispatch # :nodoc:
       cookies
     end
 
+    def _status_code
+      @status
+    end
   private
 
     def before_committed

data/lib/action_dispatch/http/url.rb

@@ -34,19 +34,15 @@ module ActionDispatch
           path  = options.delete(:script_name).to_s.chomp("/")
           path << options.delete(:path).to_s
 
+          add_trailing_slash(path) if options[:trailing_slash]
+
           params = options[:params].is_a?(Hash) ? options[:params] : options.slice(:params)
           params.reject! { |_,v| v.to_param.nil? }
 
           result = build_host_url(options)
-          if options[:trailing_slash]
-            if path.include?('?')
-              result << path.sub(/\?/, '/\&')
-            else
-              result << path.sub(/[^\/]\z|\A\z/, '\&/')
-            end
-          else
-            result << path
-          end
+
+          result << path
+
           result << "?#{params.to_query}" unless params.empty?
           result << "##{Journey::Router::Utils.escape_fragment(options[:anchor].to_param.to_s)}" if options[:anchor]
           result
@@ -54,6 +50,18 @@ module ActionDispatch
 
         private
 
+        def add_trailing_slash(path)
+          # includes querysting
+          if path.include?('?')
+            path.sub!(/\?/, '/\&')
+          # does not have a .format
+          elsif !path.include?(".")
+            path.sub!(/[^\/]\z|\A\z/, '\&/')
+          end
+
+          path
+        end
+
         def build_host_url(options)
           if options[:host].blank? && options[:only_path].blank?
             raise ArgumentError, 'Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true'
@@ -130,7 +138,7 @@ module ActionDispatch
 
           case options[:protocol]
           when "//"
-            nil
+            options[:port]
           when "https://"
             options[:port].to_i == 443 ? nil : options[:port]
           else

data/lib/action_dispatch/journey/route.rb

@@ -101,6 +101,10 @@ module ActionDispatch
         end
       end
 
+      def glob?
+        !path.spec.grep(Nodes::Star).empty?
+      end
+
       def dispatcher?
         @dispatcher
       end

data/lib/action_dispatch/journey/router/utils.rb

@@ -1,5 +1,3 @@
-require 'uri'
-
 module ActionDispatch
   module Journey # :nodoc:
     class Router # :nodoc:
@@ -25,31 +23,67 @@ module ActionDispatch
 
         # URI path and fragment escaping
         # http://tools.ietf.org/html/rfc3986
-        module UriEscape # :nodoc:
-          # Symbol captures can generate multiple path segments, so include /.
-          reserved_segment  = '/'
-          reserved_fragment = '/?'
-          reserved_pchar    = ':@&=+$,;%'
-
-          safe_pchar    = "#{URI::REGEXP::PATTERN::UNRESERVED}#{reserved_pchar}"
-          safe_segment  = "#{safe_pchar}#{reserved_segment}"
-          safe_fragment = "#{safe_pchar}#{reserved_fragment}"
-          UNSAFE_SEGMENT  = Regexp.new("[^#{safe_segment}]", false).freeze
-          UNSAFE_FRAGMENT = Regexp.new("[^#{safe_fragment}]", false).freeze
+        class UriEncoder # :nodoc:
+          ENCODE   = "%%%02X".freeze
+          ENCODING = Encoding::US_ASCII
+          EMPTY    = "".force_encoding(ENCODING).freeze
+          DEC2HEX  = (0..255).to_a.map{ |i| ENCODE % i }.map{ |s| s.force_encoding(ENCODING) }
+
+          ALPHA = "a-zA-Z".freeze
+          DIGIT = "0-9".freeze
+          UNRESERVED = "#{ALPHA}#{DIGIT}\\-\\._~".freeze
+          SUB_DELIMS = "!\\$&'\\(\\)\\*\\+,;=".freeze
+
+          ESCAPED  = /%[a-zA-Z0-9]{2}/.freeze
+
+          FRAGMENT = /[^#{UNRESERVED}#{SUB_DELIMS}:@\/\?]/.freeze
+          SEGMENT  = /[^#{UNRESERVED}#{SUB_DELIMS}:@]/.freeze
+          PATH     = /[^#{UNRESERVED}#{SUB_DELIMS}:@\/]/.freeze
+
+          def escape_fragment(fragment)
+            escape(fragment, FRAGMENT)
+          end
+
+          def escape_path(path)
+            escape(path, PATH)
+          end
+
+          def escape_segment(segment)
+            escape(segment, SEGMENT)
+          end
+
+          def unescape_uri(uri)
+            uri.gsub(ESCAPED) { [$&[1, 2].hex].pack('C') }.force_encoding(uri.encoding)
+          end
+
+          protected
+            def escape(component, pattern)
+              component.gsub(pattern){ |unsafe| percent_encode(unsafe) }.force_encoding(ENCODING)
+            end
+
+            def percent_encode(unsafe)
+              safe = EMPTY.dup
+              unsafe.each_byte { |b| safe << DEC2HEX[b] }
+              safe
+            end
         end
 
-        Parser = URI::Parser.new
+        ENCODER = UriEncoder.new
 
         def self.escape_path(path)
-          Parser.escape(path.to_s, UriEscape::UNSAFE_SEGMENT)
+          ENCODER.escape_path(path.to_s)
+        end
+
+        def self.escape_segment(segment)
+          ENCODER.escape_segment(segment.to_s)
         end
 
         def self.escape_fragment(fragment)
-          Parser.escape(fragment.to_s, UriEscape::UNSAFE_FRAGMENT)
+          ENCODER.escape_fragment(fragment.to_s)
         end
 
         def self.unescape_uri(uri)
-          Parser.unescape(uri)
+          ENCODER.unescape_uri(uri)
         end
       end
     end

data/lib/action_dispatch/journey/visitors.rb

@@ -114,19 +114,26 @@ module ActionDispatch
         end
 
         private
+          def escape_path(value)
+            Router::Utils.escape_path(value)
+          end
+
+          def escape_segment(value)
+            Router::Utils.escape_segment(value)
+          end
 
           def visit(node, optional = false)
             case node.type
             when :LITERAL, :SLASH, :DOT
               node.left
             when :STAR
-              visit(node.left)
+              visit_STAR(node.left)
             when :GROUP
               visit(node.left, true)
             when :CAT
               visit_CAT(node, optional)
             when :SYMBOL
-              visit_SYMBOL(node)
+              visit_SYMBOL(node, node.to_sym)
             end
           end
 
@@ -141,9 +148,15 @@ module ActionDispatch
             end
           end
 
-          def visit_SYMBOL(node)
+          def visit_STAR(node)
             if value = options[node.to_sym]
-              Router::Utils.escape_path(value)
+              escape_path(value)
+            end
+          end
+
+          def visit_SYMBOL(node, name)
+            if value = options[name]
+              name == :controller ? escape_path(value) : escape_segment(value)
             end
           end
       end

data/lib/action_dispatch/middleware/cookies.rb

@@ -176,11 +176,11 @@ module ActionDispatch
     module VerifyAndUpgradeLegacySignedMessage
       def initialize(*args)
         super
-        @legacy_verifier = ActiveSupport::MessageVerifier.new(@options[:secret_token])
+        @legacy_verifier = ActiveSupport::MessageVerifier.new(@options[:secret_token], serializer: NullSerializer)
       end
 
       def verify_and_upgrade_legacy_signed_message(name, signed_message)
-        @legacy_verifier.verify(signed_message).tap do |value|
+        deserialize(name, @legacy_verifier.verify(signed_message)).tap do |value|
           self[name] = { value: value }
         end
       rescue ActiveSupport::MessageVerifier::InvalidSignature

data/lib/action_dispatch/middleware/exception_wrapper.rb

@@ -32,6 +32,8 @@ module ActionDispatch
     def initialize(env, exception)
       @env = env
       @exception = original_exception(exception)
+
+      expand_backtrace if exception.is_a?(SyntaxError) || exception.try(:original_exception).try(:is_a?, SyntaxError)
     end
 
     def rescue_template
@@ -104,5 +106,11 @@ module ActionDispatch
         end
       end
     end
+
+    def expand_backtrace
+      @exception.backtrace.unshift(
+        @exception.to_s.split("\n")
+      ).flatten!
+    end
   end
 end

data/lib/action_dispatch/middleware/ssl.rb

@@ -32,11 +32,14 @@ module ActionDispatch
 
     private
       def redirect_to_https(request)
-        url        = URI(request.url)
-        url.scheme = "https"
-        url.host   = @host if @host
-        url.port   = @port if @port
-        headers    = { 'Content-Type' => 'text/html', 'Location' => url.to_s }
+        host = @host || request.host
+        port = @port || request.port
+
+        location = "https://#{host}"
+        location << ":#{port}" if port != 80
+        location << request.fullpath
+
+        headers = { 'Content-Type' => 'text/html', 'Location' => location }
 
         [301, headers, []]
       end

data/lib/action_dispatch/middleware/templates/routes/_table.html.erb

@@ -122,7 +122,7 @@
     // On key press perform a search for matching paths
     pathElem.onkeyup = function(e){
       var path        = sanitizePath(pathElem.value),
-          defaultText = '<tr><th colspan="4">Paths Matching (' + path + '):</th></tr>';
+          defaultText = '<tr><th colspan="4">Paths Matching (' + escape(path) + '):</th></tr>';
 
       // Clear out results section
       selectedSection.innerHTML= defaultText;

data/lib/action_dispatch/routing.rb

@@ -1,6 +1,7 @@
 # encoding: UTF-8
 require 'active_support/core_ext/object/to_param'
 require 'active_support/core_ext/regexp'
+require 'active_support/dependencies/autoload'
 
 module ActionDispatch
   # The routing module provides URL rewriting in native Ruby. It's a way to

data/lib/action_dispatch/routing/mapper.rb

@@ -340,18 +340,35 @@ module ActionDispatch
           match '/', { :as => :root, :via => :get }.merge!(options)
         end
 
-        # Matches a url pattern to one or more routes. Any symbols in a pattern
-        # are interpreted as url query parameters and thus available as +params+
-        # in an action:
+        # Matches a url pattern to one or more routes.
         #
+        # You should not use the `match` method in your router
+        # without specifying an HTTP method.
+        #
+        # If you want to expose your action to both GET and POST, use:
+        # 
         #   # sets :controller, :action and :id in params
-        #   match ':controller/:action/:id'
+        #   match ':controller/:action/:id', via: [:get, :post]
+        #
+        # Note that +:controller+, +:action+, +:id+  are interpreted as url query 
+        # parameters and thus available as +params+
+        # in an action.
+        #
+        # If you want to expose your action to GET, use `get` in the router:
+        #
+        # Instead of:
+        #
+        #   match ":controller/:action/:id"
+        #
+        # Do:
+        #
+        #   get ":controller/:action/:id"
         #
         # Two of these symbols are special, +:controller+ maps to the controller
         # and +:action+ to the controller's action. A pattern can also map
         # wildcard segments (globs) to params:
         #
-        #   match 'songs/*category/:title', to: 'songs#show'
+        #   get 'songs/*category/:title', to: 'songs#show'
         #
         #   # 'songs/rock/classic/stairway-to-heaven' sets
         #   #  params[:category] = 'rock/classic'
@@ -360,17 +377,17 @@ module ActionDispatch
         # When a pattern points to an internal route, the route's +:action+ and
         # +:controller+ should be set in options or hash shorthand. Examples:
         #
-        #   match 'photos/:id' => 'photos#show'
-        #   match 'photos/:id', to: 'photos#show'
-        #   match 'photos/:id', controller: 'photos', action: 'show'
+        #   match 'photos/:id' => 'photos#show', via: [:get]
+        #   match 'photos/:id', to: 'photos#show', via: [:get]
+        #   match 'photos/:id', controller: 'photos', action: 'show', via: [:get]
         #
         # A pattern can also point to a +Rack+ endpoint i.e. anything that
         # responds to +call+:
         #
-        #   match 'photos/:id', to: lambda {|hash| [200, {}, ["Coming soon"]] }
-        #   match 'photos/:id', to: PhotoRackApp
+        #   match 'photos/:id', to: lambda {|hash| [200, {}, ["Coming soon"]] }, via: [:get]
+        #   match 'photos/:id', to: PhotoRackApp, via: [:get]
         #   # Yes, controller actions are just rack endpoints
-        #   match 'photos/:id', to: PhotosController.action(:show)
+        #   match 'photos/:id', to: PhotosController.action(:show), via: [:get]
         #
         # Because requesting various HTTP verbs with a single action has security
         # implications, you must either specify the actions in
@@ -393,7 +410,7 @@ module ActionDispatch
         # [:module]
         #   The namespace for :controller.
         #
-        #     match 'path', to: 'c#a', module: 'sekret', controller: 'posts'
+        #     match 'path', to: 'c#a', module: 'sekret', controller: 'posts', via: [:get]
         #     # => Sekret::PostsController
         #
         #   See <tt>Scoping#namespace</tt> for its scope equivalent.
@@ -412,9 +429,9 @@ module ActionDispatch
         #   Points to a +Rack+ endpoint. Can be an object that responds to
         #   +call+ or a string representing a controller's action.
         #
-        #      match 'path', to: 'controller#action'
-        #      match 'path', to: lambda { |env| [200, {}, ["Success!"]] }
-        #      match 'path', to: RackApp
+        #      match 'path', to: 'controller#action', via: [:get]
+        #      match 'path', to: lambda { |env| [200, {}, ["Success!"]] }, via: [:get]
+        #      match 'path', to: RackApp, via: [:get]
         #
         # [:on]
         #   Shorthand for wrapping routes in a specific RESTful context. Valid
@@ -439,14 +456,14 @@ module ActionDispatch
         #   other than path can also be specified with any object
         #   that responds to <tt>===</tt> (eg. String, Array, Range, etc.).
         #
-        #     match 'path/:id', constraints: { id: /[A-Z]\d{5}/ }
+        #     match 'path/:id', constraints: { id: /[A-Z]\d{5}/ }, via: [:get]
         #
-        #     match 'json_only', constraints: { format: 'json' }
+        #     match 'json_only', constraints: { format: 'json' }, via: [:get]
         #
         #     class Whitelist
         #       def matches?(request) request.remote_ip == '1.2.3.4' end
         #     end
-        #     match 'path', to: 'c#a', constraints: Whitelist.new
+        #     match 'path', to: 'c#a', constraints: Whitelist.new, via: [:get]
         #
         #   See <tt>Scoping#constraints</tt> for more examples with its scope
         #   equivalent.
@@ -455,7 +472,7 @@ module ActionDispatch
         #   Sets defaults for parameters
         #
         #     # Sets params[:format] to 'jpg' by default
-        #     match 'path', to: 'c#a', defaults: { format: 'jpg' }
+        #     match 'path', to: 'c#a', defaults: { format: 'jpg' }, via: [:get]
         #
         #   See <tt>Scoping#defaults</tt> for its scope equivalent.
         #
@@ -464,7 +481,7 @@ module ActionDispatch
         #   false, the pattern matches any request prefixed with the given path.
         #
         #     # Matches any request starting with 'path'
-        #     match 'path', to: 'c#a', anchor: false
+        #     match 'path', to: 'c#a', anchor: false, via: [:get]
         #
         # [:format]
         #   Allows you to specify the default value for optional +format+
@@ -707,7 +724,7 @@ module ActionDispatch
           options[:path] = args.flatten.join('/') if args.any?
           options[:constraints] ||= {}
 
-          unless shallow?
+          unless nested_scope?
             options[:shallow_path] ||= options[:path] if options.key?(:path)
             options[:shallow_prefix] ||= options[:as] if options.key?(:as)
           end
@@ -991,6 +1008,7 @@ module ActionDispatch
             @as         = options[:as]
             @param      = (options[:param] || :id).to_sym
             @options    = options
+            @shallow    = false
           end
 
           def default_actions
@@ -1051,6 +1069,13 @@ module ActionDispatch
             "#{path}/:#{nested_param}"
           end
 
+          def shallow=(value)
+            @shallow = value
+          end
+
+          def shallow?
+            @shallow
+          end
         end
 
         class SingletonResource < Resource #:nodoc:
@@ -1357,7 +1382,7 @@ module ActionDispatch
           end
 
           with_scope_level(:nested) do
-            if shallow? && nesting_depth > 1
+            if shallow? && shallow_nesting_depth > 1
               shallow_scope(parent_resource.nested_scope, nested_options) { yield }
             else
               scope(parent_resource.nested_scope, nested_options) { yield }
@@ -1547,6 +1572,10 @@ module ActionDispatch
             RESOURCE_METHOD_SCOPES.include? @scope[:scope_level]
           end
 
+          def nested_scope? #:nodoc:
+            @scope[:scope_level] == :nested
+          end
+
           def with_exclusive_scope
             begin
               old_name_prefix, old_path = @scope[:as], @scope[:path]
@@ -1568,6 +1597,7 @@ module ActionDispatch
           end
 
           def resource_scope(kind, resource) #:nodoc:
+            resource.shallow = @scope[:shallow]
             old_resource, @scope[:scope_level_resource] = @scope[:scope_level_resource], resource
             @nesting.push(resource)
 
@@ -1592,6 +1622,10 @@ module ActionDispatch
             @nesting.size
           end
 
+          def shallow_nesting_depth #:nodoc:
+            @nesting.select(&:shallow?).size
+          end
+
           def param_constraint? #:nodoc:
             @scope[:constraints] && @scope[:constraints][parent_resource.param].is_a?(Regexp)
           end

data/lib/action_dispatch/routing/route_set.rb

@@ -1,11 +1,13 @@
 require 'action_dispatch/journey'
 require 'forwardable'
 require 'thread_safe'
+require 'active_support/concern'
 require 'active_support/core_ext/object/to_query'
 require 'active_support/core_ext/hash/slice'
 require 'active_support/core_ext/module/remove_method'
 require 'active_support/core_ext/array/extract_options'
 require 'action_controller/metal/exceptions'
+require 'action_dispatch/http/request'
 
 module ActionDispatch
   module Routing
@@ -155,7 +157,7 @@ module ActionDispatch
           end
 
           def self.optimize_helper?(route)
-            route.requirements.except(:controller, :action).empty?
+            !route.glob? && route.requirements.except(:controller, :action).empty?
           end
 
           class OptimizedUrlHelper < UrlHelper # :nodoc:
@@ -194,7 +196,7 @@ module ActionDispatch
             end
 
             def replace_segment(params, segment)
-              Symbol === segment ? @klass.escape_fragment(params[segment]) : segment
+              Symbol === segment ? @klass.escape_segment(params[segment]) : segment
             end
 
             def optimize_routes_generation?(t)

data/lib/action_dispatch/testing/assertions/response.rb

@@ -73,7 +73,13 @@ module ActionDispatch
           if Regexp === fragment
             fragment
           else
-            @controller._compute_redirect_to_location(fragment)
+            handle = @controller || Class.new(ActionController::Metal) do
+              include ActionController::Redirecting
+              def initialize(request)
+                @_request = request
+              end
+            end.new(@request)
+            handle._compute_redirect_to_location(fragment)
           end
         end
     end

data/lib/action_dispatch/testing/assertions/selector.rb

@@ -267,7 +267,7 @@ module ActionDispatch
             text.strip! unless NO_STRIP.include?(match.name)
             text.sub!(/\A\n/, '') if match.name == "textarea"
             unless match_with.is_a?(Regexp) ? (text =~ match_with) : (text == match_with.to_s)
-              content_mismatch ||= sprintf("<%s> expected but was\n<%s>.", match_with, text)
+              content_mismatch ||= sprintf("<%s> expected but was\n<%s>", match_with, text)
               true
             end
           end
@@ -276,7 +276,7 @@ module ActionDispatch
             html = match.children.map(&:to_s).join
             html.strip! unless NO_STRIP.include?(match.name)
             unless match_with.is_a?(Regexp) ? (html =~ match_with) : (html == match_with.to_s)
-              content_mismatch ||= sprintf("<%s> expected but was\n<%s>.", match_with, html)
+              content_mismatch ||= sprintf("<%s> expected but was\n<%s>", match_with, html)
               true
             end
           end
@@ -289,7 +289,7 @@ module ActionDispatch
 
         # FIXME: minitest provides messaging when we use assert_operator,
         # so is this custom message really needed?
-        message = message || %(Expected #{count_description(min, max, count)} matching "#{selector.to_s}", found #{matches.size}.)
+        message = message || %(Expected #{count_description(min, max, count)} matching "#{selector.to_s}", found #{matches.size})
         if count
           assert_equal count, matches.size, message
         else

data/lib/action_pack/gem_version.rb

@@ -7,8 +7,8 @@ module ActionPack
   module VERSION
     MAJOR = 4
     MINOR = 1
-    TINY  = 1
-    PRE   = nil
+    TINY  = 2
+    PRE   = "rc1"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

metadata

@@ -1,96 +1,85 @@
 --- !ruby/object:Gem::Specification
 name: actionpack
 version: !ruby/object:Gem::Version
-  version: 4.1.1
-  prerelease: 
+  version: 4.1.2.rc1
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-06 00:00:00.000000000 Z
+date: 2014-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.1.1
+        version: 4.1.2.rc1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.1.1
+        version: 4.1.2.rc1
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.5.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.5.2
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.6.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.6.2
 - !ruby/object:Gem::Dependency
   name: actionview
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.1.1
+        version: 4.1.2.rc1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.1.1
+        version: 4.1.2.rc1
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.1.1
+        version: 4.1.2.rc1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.1.1
+        version: 4.1.2.rc1
 description: Web apps on Rails. Simple, battle-tested conventions for building and
   testing MVC web applications. Works with any Rack-compatible server.
 email: david@loudthinking.com
@@ -99,8 +88,9 @@ extensions: []
 extra_rdoc_files: []
 files:
 - CHANGELOG.md
-- README.rdoc
 - MIT-LICENSE
+- README.rdoc
+- lib/abstract_controller.rb
 - lib/abstract_controller/asset_paths.rb
 - lib/abstract_controller/base.rb
 - lib/abstract_controller/callbacks.rb
@@ -111,11 +101,12 @@ files:
 - lib/abstract_controller/rendering.rb
 - lib/abstract_controller/translation.rb
 - lib/abstract_controller/url_for.rb
-- lib/abstract_controller.rb
+- lib/action_controller.rb
 - lib/action_controller/base.rb
-- lib/action_controller/caching/fragments.rb
 - lib/action_controller/caching.rb
+- lib/action_controller/caching/fragments.rb
 - lib/action_controller/log_subscriber.rb
+- lib/action_controller/metal.rb
 - lib/action_controller/metal/conditional_get.rb
 - lib/action_controller/metal/cookies.rb
 - lib/action_controller/metal/data_streaming.rb
@@ -142,13 +133,12 @@ files:
 - lib/action_controller/metal/strong_parameters.rb
 - lib/action_controller/metal/testing.rb
 - lib/action_controller/metal/url_for.rb
-- lib/action_controller/metal.rb
 - lib/action_controller/middleware.rb
 - lib/action_controller/model_naming.rb
 - lib/action_controller/railtie.rb
 - lib/action_controller/railties/helpers.rb
 - lib/action_controller/test_case.rb
-- lib/action_controller.rb
+- lib/action_dispatch.rb
 - lib/action_dispatch/http/cache.rb
 - lib/action_dispatch/http/filter_parameters.rb
 - lib/action_dispatch/http/filter_redirect.rb
@@ -163,6 +153,7 @@ files:
 - lib/action_dispatch/http/response.rb
 - lib/action_dispatch/http/upload.rb
 - lib/action_dispatch/http/url.rb
+- lib/action_dispatch/journey.rb
 - lib/action_dispatch/journey/backwards.rb
 - lib/action_dispatch/journey/formatter.rb
 - lib/action_dispatch/journey/gtg/builder.rb
@@ -178,16 +169,15 @@ files:
 - lib/action_dispatch/journey/parser_extras.rb
 - lib/action_dispatch/journey/path/pattern.rb
 - lib/action_dispatch/journey/route.rb
+- lib/action_dispatch/journey/router.rb
 - lib/action_dispatch/journey/router/strexp.rb
 - lib/action_dispatch/journey/router/utils.rb
-- lib/action_dispatch/journey/router.rb
 - lib/action_dispatch/journey/routes.rb
 - lib/action_dispatch/journey/scanner.rb
 - lib/action_dispatch/journey/visitors.rb
 - lib/action_dispatch/journey/visualizer/fsm.css
 - lib/action_dispatch/journey/visualizer/fsm.js
 - lib/action_dispatch/journey/visualizer/index.html.erb
-- lib/action_dispatch/journey.rb
 - lib/action_dispatch/middleware/callbacks.rb
 - lib/action_dispatch/middleware/cookies.rb
 - lib/action_dispatch/middleware/debug_exceptions.rb
@@ -226,6 +216,7 @@ files:
 - lib/action_dispatch/railtie.rb
 - lib/action_dispatch/request/session.rb
 - lib/action_dispatch/request/utils.rb
+- lib/action_dispatch/routing.rb
 - lib/action_dispatch/routing/inspector.rb
 - lib/action_dispatch/routing/mapper.rb
 - lib/action_dispatch/routing/polymorphic_routes.rb
@@ -233,45 +224,42 @@ files:
 - lib/action_dispatch/routing/route_set.rb
 - lib/action_dispatch/routing/routes_proxy.rb
 - lib/action_dispatch/routing/url_for.rb
-- lib/action_dispatch/routing.rb
+- lib/action_dispatch/testing/assertions.rb
 - lib/action_dispatch/testing/assertions/dom.rb
 - lib/action_dispatch/testing/assertions/response.rb
 - lib/action_dispatch/testing/assertions/routing.rb
 - lib/action_dispatch/testing/assertions/selector.rb
 - lib/action_dispatch/testing/assertions/tag.rb
-- lib/action_dispatch/testing/assertions.rb
 - lib/action_dispatch/testing/integration.rb
 - lib/action_dispatch/testing/test_process.rb
 - lib/action_dispatch/testing/test_request.rb
 - lib/action_dispatch/testing/test_response.rb
-- lib/action_dispatch.rb
+- lib/action_pack.rb
 - lib/action_pack/gem_version.rb
 - lib/action_pack/version.rb
-- lib/action_pack.rb
 homepage: http://www.rubyonrails.org
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements:
 - none
 rubyforge_project: 
-rubygems_version: 1.8.23.2
+rubygems_version: 2.2.2
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Web-flow and rendering framework putting the VC in MVC (part of Rails).
 test_files: []