actionview 7.0.8.1 → 7.2.2.1

data/lib/action_view/helpers/url_helper.rb

@@ -3,11 +3,13 @@
 require "active_support/core_ext/array/access"
 require "active_support/core_ext/hash/keys"
 require "active_support/core_ext/string/output_safety"
+require "action_view/helpers/content_exfiltration_prevention_helper"
 require "action_view/helpers/tag_helper"
 
 module ActionView
-  # = Action View URL Helpers
   module Helpers # :nodoc:
+    # = Action View URL \Helpers
+    #
     # Provides a set of methods for making links and getting URLs that
     # depend on the routing subsystem (see ActionDispatch::Routing).
     # This allows you to use the same format for links in views
@@ -22,6 +24,7 @@ module ActionView
       extend ActiveSupport::Concern
 
       include TagHelper
+      include ContentExfiltrationPreventionHelper
 
       module ClassMethods
         def _url_for_modules
@@ -93,7 +96,7 @@ module ActionView
       # ==== Examples
       #
       # Because it relies on +url_for+, +link_to+ supports both older-style controller/action/id arguments
-      # and newer RESTful routes. Current Rails style favors RESTful routes whenever possible, so base
+      # and newer RESTful routes. Current \Rails style favors RESTful routes whenever possible, so base
       # your application on resources and use
       #
       #   link_to "Profile", profile_path(@profile)
@@ -170,41 +173,27 @@ module ActionView
       #   link_to "External link", "http://www.rubyonrails.org/", target: "_blank", rel: "nofollow"
       #   # => <a href="http://www.rubyonrails.org/" target="_blank" rel="nofollow">External link</a>
       #
-      # ==== Deprecated: Rails UJS Attributes
+      # ==== Turbo
       #
-      # Prior to Rails 7, Rails shipped with a JavaScript library called <tt>@rails/ujs</tt> on by default. Following Rails 7,
-      # this library is no longer on by default. This library integrated with the following options:
+      # Rails 7 ships with Turbo enabled by default. Turbo provides the following +:data+ options:
       #
-      # * <tt>method: symbol of HTTP verb</tt> - This modifier will dynamically
-      #   create an HTML form and immediately submit the form for processing using
-      #   the HTTP verb specified. Useful for having links perform a POST operation
-      #   in dangerous actions like deleting a record (which search bots can follow
-      #   while spidering your site). Supported verbs are <tt>:post</tt>, <tt>:delete</tt>, <tt>:patch</tt>, and <tt>:put</tt>.
-      #   Note that if the user has JavaScript disabled, the request will fall back
-      #   to using GET. If <tt>href: '#'</tt> is used and the user has JavaScript
-      #   disabled clicking the link will have no effect. If you are relying on the
-      #   POST behavior, you should check for it in your controller's action by using
-      #   the request object's methods for <tt>post?</tt>, <tt>delete?</tt>, <tt>patch?</tt>, or <tt>put?</tt>.
-      # * <tt>remote: true</tt> - This will allow <tt>@rails/ujs</tt>
-      #   to make an Ajax request to the URL in question instead of following
-      #   the link.
+      # * <tt>turbo_method: symbol of HTTP verb</tt> - Performs a Turbo link visit
+      #   with the given HTTP verb. Forms are recommended when performing non-+GET+ requests.
+      #   Only use <tt>data-turbo-method</tt> where a form is not possible.
       #
-      # <tt>@rails/ujs</tt> also integrated with the following +:data+ options:
+      # * <tt>turbo_confirm: "question?"</tt> - Adds a confirmation dialog to the link with the
+      #   given value.
       #
-      # * <tt>confirm: "question?"</tt> - This will allow <tt>@rails/ujs</tt>
-      #   to prompt with the question specified (in this case, the
-      #   resulting text would be <tt>question?</tt>). If the user accepts, the
-      #   link is processed normally, otherwise no action is taken.
-      # * <tt>:disable_with</tt> - Value of this parameter will be used as the
-      #   name for a disabled version of the link.
+      # {Consult the Turbo Handbook for more information on the options
+      # above.}[https://turbo.hotwired.dev/handbook/drive#performing-visits-with-a-different-method]
       #
-      # ===== Rails UJS Examples
+      # ===== \Examples
       #
-      #   link_to "Remove Profile", profile_path(@profile), method: :delete
-      #   # => <a href="/profiles/1" rel="nofollow" data-method="delete">Remove Profile</a>
+      #   link_to "Delete profile", @profile, data: { turbo_method: :delete }
+      #   # => <a href="/profiles/1" data-turbo-method="delete">Delete profile</a>
       #
-      #   link_to "Visit Other Site", "http://www.rubyonrails.org/", data: { confirm: "Are you sure?" }
-      #   # => <a href="http://www.rubyonrails.org/" data-confirm="Are you sure?">Visit Other Site</a>
+      #   link_to "Visit Other Site", "https://rubyonrails.org/", data: { turbo_confirm: "Are you sure?" }
+      #   # => <a href="https://rubyonrails.org/" data-turbo-confirm="Are you sure?">Visit Other Site</a>
       #
       def link_to(name = nil, options = nil, html_options = nil, &block)
         html_options, options, name = options, name, block if block_given?
@@ -221,9 +210,6 @@ module ActionView
       # Generates a form containing a single button that submits to the URL created
       # by the set of +options+. This is the safest method to ensure links that
       # cause changes to your data are not triggered by search bots or accelerators.
-      # If the HTML button does not work with your layout, you can also consider
-      # using the +link_to+ method with the <tt>:method</tt> modifier as described in
-      # the +link_to+ documentation.
       #
       # You can control the form and button behavior with +html_options+. Most
       # values in +html_options+ are passed through to the button element. For
@@ -234,8 +220,13 @@ module ActionView
       # +:form_class+ option within +html_options+. It defaults to
       # <tt>"button_to"</tt> to allow styling of the form and its children.
       #
-      # The form submits a POST request by default. You can specify a different
-      # HTTP verb via the +:method+ option within +html_options+.
+      # The form submits a POST request by default if the object is not persisted;
+      # conversely, if the object is persisted, it will submit a PATCH request.
+      # To specify a different HTTP verb use the +:method+ option within +html_options+.
+      #
+      # If the HTML button generated from +button_to+ does not work with your layout, you can
+      # consider using the +link_to+ method with the +data-turbo-method+
+      # attribute as described in the +link_to+ documentation.
       #
       # ==== Options
       # The +options+ hash accepts the same options as +url_for+. To generate a
@@ -302,32 +293,6 @@ module ActionView
       #   #      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"  autocomplete="off"/>
       #   #    </form>"
       #
-      # ==== Deprecated: Rails UJS Attributes
-      #
-      # Prior to Rails 7, Rails shipped with a JavaScript library called <tt>@rails/ujs</tt> on by default. Following Rails 7,
-      # this library is no longer on by default. This library integrated with the following options:
-      #
-      # * <tt>:remote</tt> -  If set to true, will allow <tt>@rails/ujs</tt> to control the
-      #   submit behavior. By default this behavior is an Ajax submit.
-      #
-      # <tt>@rails/ujs</tt> also integrated with the following +:data+ options:
-      #
-      # * <tt>confirm: "question?"</tt> - This will allow <tt>@rails/ujs</tt>
-      #   to prompt with the question specified (in this case, the
-      #   resulting text would be <tt>question?</tt>). If the user accepts, the
-      #   button is processed normally, otherwise no action is taken.
-      # * <tt>:disable_with</tt> - Value of this parameter will be
-      #   used as the value for a disabled version of the submit
-      #   button when the form is submitted.
-      #
-      # ===== Rails UJS Examples
-      #
-      #   <%= button_to "Create", { action: "create" }, remote: true, form: { "data-type" => "json" } %>
-      #   # => "<form method="post" action="/images/create" class="button_to" data-remote="true" data-type="json">
-      #   #      <button type="submit">Create</button>
-      #   #      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"  autocomplete="off"/>
-      #   #    </form>"
-      #
       def button_to(name = nil, options = nil, html_options = nil, &block)
         html_options, options = options, name if block_given?
         html_options ||= {}
@@ -380,7 +345,8 @@ module ActionView
                                        autocomplete: "off")
           end
         end
-        content_tag("form", inner_tags, form_options)
+        html = content_tag("form", inner_tags, form_options)
+        prevent_content_exfiltration(html)
       end
 
       # Creates a link tag of the given +name+ using a URL created by the set of
@@ -495,7 +461,7 @@ module ActionView
       # * <tt>:reply_to</tt> - Preset the +Reply-To+ field of the email.
       #
       # ==== Obfuscation
-      # Prior to Rails 4.0, +mail_to+ provided options for encoding the address
+      # Prior to \Rails 4.0, +mail_to+ provided options for encoding the address
       # in order to hinder email harvesters.  To take advantage of these options,
       # install the +actionview-encoded_mail_to+ gem.
       #
@@ -534,6 +500,8 @@ module ActionView
         content_tag("a", name || email_address, html_options, &block)
       end
 
+      RFC2396_PARSER = defined?(URI::RFC2396_PARSER) ? URI::RFC2396_PARSER : URI::RFC2396_Parser.new
+
       # True if the current request URI was generated by the given +options+.
       #
       # ==== Examples
@@ -590,14 +558,14 @@ module ActionView
 
         options ||= options_as_kwargs
         check_parameters ||= options.is_a?(Hash) && options.delete(:check_parameters)
-        url_string = URI::DEFAULT_PARSER.unescape(url_for(options)).force_encoding(Encoding::BINARY)
+        url_string = RFC2396_PARSER.unescape(url_for(options)).force_encoding(Encoding::BINARY)
 
         # We ignore any extra parameters in the request_uri if the
         # submitted URL doesn't have any either. This lets the function
         # work with things like ?order=asc
-        # the behaviour can be disabled with check_parameters: true
+        # the behavior can be disabled with check_parameters: true
         request_uri = url_string.index("?") || check_parameters ? request.fullpath : request.path
-        request_uri = URI::DEFAULT_PARSER.unescape(request_uri).force_encoding(Encoding::BINARY)
+        request_uri = RFC2396_PARSER.unescape(request_uri).force_encoding(Encoding::BINARY)
 
         if %r{^\w+://}.match?(url_string)
           request_uri = +"#{request.protocol}#{request.host_with_port}#{request_uri}"
@@ -609,19 +577,6 @@ module ActionView
         url_string == request_uri
       end
 
-      if RUBY_VERSION.start_with?("2.7")
-        using Module.new {
-          refine UrlHelper do
-            alias :_current_page? :current_page?
-          end
-        }
-
-        def current_page?(*args) # :nodoc:
-          options = args.pop
-          options.is_a?(Hash) ? _current_page?(*args, **options) : _current_page?(*args, options)
-        end
-      end
-
       # Creates an SMS anchor link tag to the specified +phone_number+. When the
       # link is clicked, the default SMS messaging app is opened ready to send a
       # message to the linked phone number. If the +body+ option is specified,
@@ -757,7 +712,7 @@ module ActionView
         end
 
         def add_method_to_attributes!(html_options, method)
-          if method_not_get_method?(method) && !html_options["rel"]&.match?(/nofollow/)
+          if method_not_get_method?(method) && !html_options["rel"].to_s.include?("nofollow")
             if html_options["rel"].blank?
               html_options["rel"] = "nofollow"
             else

data/lib/action_view/helpers.rb

@@ -12,6 +12,7 @@ require "action_view/helpers/asset_tag_helper"
 require "action_view/helpers/asset_url_helper"
 require "action_view/helpers/atom_feed_helper"
 require "action_view/helpers/cache_helper"
+require "action_view/helpers/content_exfiltration_prevention_helper"
 require "action_view/helpers/controller_helper"
 require "action_view/helpers/csp_helper"
 require "action_view/helpers/csrf_helper"
@@ -45,6 +46,7 @@ module ActionView # :nodoc:
     include AtomFeedHelper
     include CacheHelper
     include CaptureHelper
+    include ContentExfiltrationPreventionHelper
     include ControllerHelper
     include CspHelper
     include CsrfHelper

data/lib/action_view/layouts.rb

@@ -4,12 +4,14 @@ require "action_view/rendering"
 require "active_support/core_ext/module/redefine_method"
 
 module ActionView
+  # = Action View \Layouts
+  #
   # Layouts reverse the common pattern of including shared headers and footers in many templates to isolate changes in
   # repeated setups. The inclusion pattern has pages that look like this:
   #
-  #   <%= render "shared/header" %>
+  #   <%= render "application/header" %>
   #   Hello World
-  #   <%= render "shared/footer" %>
+  #   <%= render "application/footer" %>
   #
   # This approach is a decent way of keeping common structures isolated from the changing content, but it's verbose
   # and if you ever want to change the structure of these two includes, you'll have to change all the templates.
@@ -150,7 +152,7 @@ module ActionView
   # The template will be looked always in <tt>app/views/layouts/</tt> folder. But you can point
   # <tt>layouts</tt> folder direct also. <tt>layout "layouts/demo"</tt> is the same as <tt>layout "demo"</tt>.
   #
-  # Setting the layout to +nil+ forces it to be looked up in the filesystem and fallbacks to the parent behavior if none exists.
+  # Setting the layout to +nil+ forces it to be looked up in the filesystem and falls back to the parent behavior if none exists.
   # Setting it to +nil+ is useful to re-enable template lookup overriding a previous configuration set in the parent:
   #
   #     class ApplicationController < ActionController::Base
@@ -162,7 +164,7 @@ module ActionView
   #     end
   #
   #     class CommentsController < ApplicationController
-  #       # Will search for "comments" layout and fallback "application" layout
+  #       # Will search for "comments" layout and fall back to "application" layout
   #       layout nil
   #     end
   #
@@ -207,13 +209,11 @@ module ActionView
 
     included do
       class_attribute :_layout, instance_accessor: false
-      class_attribute :_layout_conditions, instance_accessor: false, default: {}
+      class_attribute :_layout_conditions, instance_accessor: false, instance_reader: true, default: {}
 
       _write_layout_method
     end
 
-    delegate :_layout_conditions, to: :class
-
     module ClassMethods
       def inherited(klass) # :nodoc:
         super
@@ -428,7 +428,7 @@ module ActionView
     end
 
     def _include_layout?(options)
-      (options.keys & [:body, :plain, :html, :inline, :partial]).empty? || options.key?(:layout)
+      !options.keys.intersect?([:body, :plain, :html, :inline, :partial]) || options.key?(:layout)
     end
   end
 end

data/lib/action_view/log_subscriber.rb

@@ -5,7 +5,7 @@ require "active_support/log_subscriber"
 module ActionView
   # = Action View Log Subscriber
   #
-  # Provides functionality so that Rails can output logs from Action View.
+  # Provides functionality so that \Rails can output logs from Action View.
   class LogSubscriber < ActiveSupport::LogSubscriber
     VIEWS_PATTERN = /^app\/views\//
 
@@ -18,26 +18,29 @@ module ActionView
       info do
         message = +"  Rendered #{from_rails_root(event.payload[:identifier])}"
         message << " within #{from_rails_root(event.payload[:layout])}" if event.payload[:layout]
-        message << " (Duration: #{event.duration.round(1)}ms | Allocations: #{event.allocations})"
+        message << " (Duration: #{event.duration.round(1)}ms | GC: #{event.gc_time.round(1)}ms)"
       end
     end
+    subscribe_log_level :render_template, :debug
 
     def render_partial(event)
       debug do
         message = +"  Rendered #{from_rails_root(event.payload[:identifier])}"
         message << " within #{from_rails_root(event.payload[:layout])}" if event.payload[:layout]
-        message << " (Duration: #{event.duration.round(1)}ms | Allocations: #{event.allocations})"
+        message << " (Duration: #{event.duration.round(1)}ms | GC: #{event.gc_time.round(1)}ms)"
         message << " #{cache_message(event.payload)}" unless event.payload[:cache_hit].nil?
         message
       end
     end
+    subscribe_log_level :render_partial, :debug
 
     def render_layout(event)
       info do
         message = +"  Rendered layout #{from_rails_root(event.payload[:identifier])}"
-        message << " (Duration: #{event.duration.round(1)}ms | Allocations: #{event.allocations})"
+        message << " (Duration: #{event.duration.round(1)}ms | GC: #{event.gc_time.round(1)}ms)"
       end
     end
+    subscribe_log_level :render_layout, :info
 
     def render_collection(event)
       identifier = event.payload[:identifier] || "templates"
@@ -45,33 +48,68 @@ module ActionView
       debug do
         message = +"  Rendered collection of #{from_rails_root(identifier)}"
         message << " within #{from_rails_root(event.payload[:layout])}" if event.payload[:layout]
-        message << " #{render_count(event.payload)} (Duration: #{event.duration.round(1)}ms | Allocations: #{event.allocations})"
+        message << " #{render_count(event.payload)} (Duration: #{event.duration.round(1)}ms | GC: #{event.gc_time.round(1)}ms)"
         message
       end
     end
+    subscribe_log_level :render_collection, :debug
 
-    def start(name, id, payload)
-      log_rendering_start(payload, name)
+    module Utils # :nodoc:
+      def logger
+        ActionView::Base.logger
+      end
 
-      super
-    end
+    private
+      def from_rails_root(string)
+        string = string.sub(rails_root, "")
+        string.sub!(VIEWS_PATTERN, "")
+        string
+      end
 
-    def logger
-      ActionView::Base.logger
+      def rails_root # :doc:
+        @root ||= "#{Rails.root}/"
+      end
     end
 
-  private
-    EMPTY = ""
-    def from_rails_root(string) # :doc:
-      string = string.sub(rails_root, EMPTY)
-      string.sub!(VIEWS_PATTERN, EMPTY)
-      string
+    include Utils
+
+    class Start # :nodoc:
+      include Utils
+
+      def start(name, id, payload)
+        return unless logger
+        logger.debug do
+          qualifier =
+            if name == "render_template.action_view"
+              ""
+            elsif name == "render_layout.action_view"
+              "layout "
+            end
+
+          return unless qualifier
+
+          message = +"  Rendering #{qualifier}#{from_rails_root(payload[:identifier])}"
+          message << " within #{from_rails_root(payload[:layout])}" if payload[:layout]
+          message
+        end
+      end
+
+      def finish(name, id, payload)
+      end
+
+      def silenced?(_)
+        logger.nil? || !logger.debug?
+      end
     end
 
-    def rails_root # :doc:
-      @root ||= "#{Rails.root}/"
+    def self.attach_to(*)
+      ActiveSupport::Notifications.subscribe("render_template.action_view", ActionView::LogSubscriber::Start.new)
+      ActiveSupport::Notifications.subscribe("render_layout.action_view", ActionView::LogSubscriber::Start.new)
+
+      super
     end
 
+  private
     def render_count(payload) # :doc:
       if payload[:cache_hits]
         "[#{payload[:cache_hits]} / #{payload[:count]} cache hits]"
@@ -88,23 +126,6 @@ module ActionView
         "[cache miss]"
       end
     end
-
-    def log_rendering_start(payload, name)
-      debug do
-        qualifier =
-          if name == "render_template.action_view"
-            ""
-          elsif name == "render_layout.action_view"
-            "layout "
-          end
-
-        return unless qualifier
-
-        message = +"  Rendering #{qualifier}#{from_rails_root(payload[:identifier])}"
-        message << " within #{from_rails_root(payload[:layout])}" if payload[:layout]
-        message
-      end
-    end
   end
 end
 

data/lib/action_view/lookup_context.rb

@@ -13,7 +13,7 @@ module ActionView
   # view paths, used in the resolver cache lookup. Since this key is generated
   # only once during the request, it speeds up all cache accesses.
   class LookupContext # :nodoc:
-    attr_accessor :prefixes, :rendered_format
+    attr_accessor :prefixes
 
     singleton_class.attr_accessor :registered_details
     self.registered_details = []
@@ -63,16 +63,20 @@ module ActionView
       end
 
       def self.details_cache_key(details)
-        if details[:formats]
-          details = details.dup
-          details[:formats] &= Template::Types.symbols
+        @details_keys.fetch(details) do
+          if formats = details[:formats]
+            unless Template::Types.valid_symbols?(formats)
+              details = details.dup
+              details[:formats] &= Template::Types.symbols
+            end
+          end
+          @details_keys[details] ||= TemplateDetails::Requested.new(**details)
         end
-        @details_keys[details] ||= TemplateDetails::Requested.new(**details)
       end
 
       def self.clear
-        ActionView::ViewPaths.all_view_paths.each do |path_set|
-          path_set.each(&:clear_cache)
+        ActionView::PathRegistry.all_resolvers.each do |resolver|
+          resolver.clear_cache
         end
         @view_context_class = nil
         @details_keys.clear
@@ -83,9 +87,9 @@ module ActionView
         @digest_cache.values
       end
 
-      def self.view_context_class(klass)
+      def self.view_context_class
         @view_context_mutex.synchronize do
-          @view_context_class ||= klass.with_empty_template_cache
+          @view_context_class ||= ActionView::Base.with_empty_template_cache
         end
       end
     end
@@ -148,11 +152,23 @@ module ActionView
       end
       alias :any_templates? :any?
 
+      def append_view_paths(paths)
+        @view_paths = build_view_paths(@view_paths.to_a + paths)
+      end
+
+      def prepend_view_paths(paths)
+        @view_paths = build_view_paths(paths + @view_paths.to_a)
+      end
+
     private
       # Whenever setting view paths, makes a copy so that we can manipulate them in
       # instance objects as we wish.
       def build_view_paths(paths)
-        ActionView::PathSet.new(Array(paths))
+        if ActionView::PathSet === paths
+          paths
+        else
+          ActionView::PathSet.new(Array(paths))
+        end
       end
 
       # Compute details hash and key according to user options (e.g. passed from #render).
@@ -250,12 +266,12 @@ module ActionView
         values.concat(default_formats) if values.delete "*/*"
         values.uniq!
 
-        invalid_values = (values - Template::Types.symbols)
-        unless invalid_values.empty?
+        unless Template::Types.valid_symbols?(values)
+          invalid_values = values - Template::Types.symbols
           raise ArgumentError, "Invalid formats: #{invalid_values.map(&:inspect).join(", ")}"
         end
 
-        if values == [:js]
+        if (values.length == 1) && (values[0] == :js)
           values << :html
           @html_fallback_for_js = true
         end

data/lib/action_view/path_registry.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module ActionView # :nodoc:
+  module PathRegistry # :nodoc:
+    @view_paths_by_class = {}
+    @file_system_resolvers = {}
+    @file_system_resolver_mutex = Mutex.new
+    @file_system_resolver_hooks = []
+
+    class << self
+      attr_reader :file_system_resolver_hooks
+    end
+
+    def self.get_view_paths(klass)
+      @view_paths_by_class[klass] || get_view_paths(klass.superclass)
+    end
+
+    def self.set_view_paths(klass, paths)
+      @view_paths_by_class[klass] = paths
+    end
+
+    def self.cast_file_system_resolvers(paths)
+      paths = Array(paths)
+
+      @file_system_resolver_mutex.synchronize do
+        built_resolver = false
+        paths = paths.map do |path|
+          case path
+          when String, Pathname
+            path = File.expand_path(path)
+            @file_system_resolvers[path] ||=
+              begin
+                built_resolver = true
+                FileSystemResolver.new(path)
+              end
+          else
+            path
+          end
+        end
+
+        file_system_resolver_hooks.each(&:call) if built_resolver
+      end
+
+      paths
+    end
+
+    def self.all_resolvers
+      resolvers = [all_file_system_resolvers]
+      resolvers.concat @view_paths_by_class.values.map(&:to_a)
+      resolvers.flatten.uniq
+    end
+
+    def self.all_file_system_resolvers
+      @file_system_resolvers.values
+    end
+  end
+end

data/lib/action_view/path_set.rb

@@ -13,14 +13,14 @@ module ActionView # :nodoc:
 
     attr_reader :paths
 
-    delegate :[], :include?, :pop, :size, :each, to: :paths
+    delegate :[], :include?, :size, :each, to: :paths
 
     def initialize(paths = [])
-      @paths = typecast paths
+      @paths = typecast(paths).freeze
     end
 
     def initialize_copy(other)
-      @paths = other.paths.dup
+      @paths = other.paths.dup.freeze
       self
     end
 
@@ -32,18 +32,11 @@ module ActionView # :nodoc:
       PathSet.new paths.compact
     end
 
-    def +(array)
+    def +(other)
+      array = Array === other ? other : other.paths
       PathSet.new(paths + array)
     end
 
-    %w(<< concat push insert unshift).each do |method|
-      class_eval <<-METHOD, __FILE__, __LINE__ + 1
-        def #{method}(*args)
-          paths.#{method}(*typecast(args))
-        end
-      METHOD
-    end
-
     def find(path, prefixes, partial, details, details_key, locals)
       find_all(path, prefixes, partial, details, details_key, locals).first ||
         raise(MissingTemplate.new(self, path, prefixes, partial, details, details_key, locals))
@@ -75,9 +68,15 @@ module ActionView # :nodoc:
         paths.map do |path|
           case path
           when Pathname, String
-            FileSystemResolver.new path.to_s
-          else
+            # This path should only be reached by "direct" users of
+            # ActionView::Base (not using the ViewPaths or Renderer modules).
+            # We can't cache/de-dup the file system resolver in this case as we
+            # don't know which compiled_method_container we'll be rendering to.
+            FileSystemResolver.new(path)
+          when Resolver
             path
+          else
+            raise TypeError, "#{path.inspect} is not a valid path: must be a String, Pathname, or Resolver"
           end
         end
       end