rack-mini-profiler 1.0.1 → 2.3.2

data/lib/mini_profiler/asset_version.rb

@@ -1,5 +1,6 @@
+# frozen_string_literal: true
 module Rack
   class MiniProfiler
-    ASSET_VERSION = '355f78011d9b95de14a5b1014b088681'.freeze
+    ASSET_VERSION = '8cccf9fed3d62814b1d70f252554501b'
   end
-end
+end

data/lib/mini_profiler/client_settings.rb

@@ -42,7 +42,7 @@ module Rack
       def handle_cookie(result)
         status, headers, _body = result
 
-        if (MiniProfiler.config.authorization_mode == :whitelist && !MiniProfiler.request_authorized?)
+        if (MiniProfiler.config.authorization_mode == :allow_authorized && !MiniProfiler.request_authorized?)
           # this is non-obvious, don't kill the profiling cookie on errors or short requests
           # this ensures that stuff that never reaches the rails stack does not kill profiling
           if status.to_i >= 200 && status.to_i < 300 && ((Process.clock_gettime(Process::CLOCK_MONOTONIC) - @start) > 0.1)
@@ -59,7 +59,7 @@ module Rack
 
         tokens_changed = false
 
-        if MiniProfiler.request_authorized? && MiniProfiler.config.authorization_mode == :whitelist
+        if MiniProfiler.request_authorized? && MiniProfiler.config.authorization_mode == :allow_authorized
           @allowed_tokens ||= @store.allowed_tokens
           tokens_changed = !@orig_auth_tokens || ((@allowed_tokens - @orig_auth_tokens).length > 0)
         end
@@ -76,6 +76,7 @@ module Rack
           settings_string = settings.map { |k, v| "#{k}=#{v}" }.join(",")
           cookie = { value: settings_string, path: '/', httponly: true }
           cookie[:secure] = true if @request.ssl?
+          cookie[:same_site] = 'Lax'
           Rack::Utils.set_cookie_header!(headers, COOKIE_NAME, cookie)
         end
       end
@@ -89,10 +90,17 @@ module Rack
       def has_valid_cookie?
         valid_cookie = !@cookie.nil?
 
-        if (MiniProfiler.config.authorization_mode == :whitelist)
-          @allowed_tokens ||= @store.allowed_tokens
+        if (MiniProfiler.config.authorization_mode == :allow_authorized) && valid_cookie
+          begin
+            @allowed_tokens ||= @store.allowed_tokens
+          rescue => e
+            if MiniProfiler.config.storage_failure != nil
+              MiniProfiler.config.storage_failure.call(e)
+            end
+          end
 
-          valid_cookie = (Array === @orig_auth_tokens) &&
+          valid_cookie = @allowed_tokens &&
+            (Array === @orig_auth_tokens) &&
             ((@allowed_tokens & @orig_auth_tokens).length > 0)
         end
 

data/lib/mini_profiler/config.rb

@@ -34,9 +34,11 @@ module Rack
             end
           end
           @enabled = true
-          @disable_env_dump = false
           @max_sql_param_length = 0 # disable sql parameter collection by default
           @skip_sql_param_names = /password/ # skips parameters with the name password by default
+          @enable_advanced_debugging_tools = false
+          @snapshot_every_n_requests = -1
+          @snapshots_limit = 1000
 
           # ui parameters
           @autorized            = true
@@ -47,9 +49,14 @@ module Rack
           @show_trivial         = false
           @show_total_sql_count = false
           @start_hidden         = false
-          @toggle_shortcut      = 'Alt+P'
+          @toggle_shortcut      = 'alt+p'
           @html_container       = 'body'
           @position             = "top-left"
+          @snapshot_hidden_custom_fields = []
+          @snapshots_transport_destination_url = nil
+          @snapshots_transport_auth_key = nil
+          @snapshots_redact_sql_queries = true
+          @snapshots_transport_gzip_requests = false
 
           self
         }
@@ -57,20 +64,51 @@ module Rack
 
       attr_accessor :authorization_mode, :auto_inject, :backtrace_ignores,
         :backtrace_includes, :backtrace_remove, :backtrace_threshold_ms,
-        :base_url_path, :disable_caching, :disable_env_dump, :enabled,
+        :base_url_path, :disable_caching, :enabled,
         :flamegraph_sample_rate, :logger, :pre_authorize_cb, :skip_paths,
         :skip_schema_queries, :storage, :storage_failure, :storage_instance,
-        :storage_options, :user_provider
-      attr_accessor :skip_sql_param_names, :suppress_encoding, :max_sql_param_length
+        :storage_options, :user_provider, :enable_advanced_debugging_tools,
+        :skip_sql_param_names, :suppress_encoding, :max_sql_param_length
 
       # ui accessors
       attr_accessor :collapse_results, :max_traces_to_show, :position,
         :show_children, :show_controls, :show_trivial, :show_total_sql_count,
         :start_hidden, :toggle_shortcut, :html_container
 
+      # snapshot related config
+      attr_accessor :snapshot_every_n_requests, :snapshots_limit,
+        :snapshot_hidden_custom_fields, :snapshots_transport_destination_url,
+        :snapshots_transport_auth_key, :snapshots_redact_sql_queries,
+        :snapshots_transport_gzip_requests
+
       # Deprecated options
       attr_accessor :use_existing_jquery
 
+      attr_reader :assets_url
+
+      # redefined - since the accessor defines it first
+      undef :authorization_mode=
+      def authorization_mode=(mode)
+        if mode == :whitelist
+          warn "[DEPRECATION] `:whitelist` authorization mode is deprecated. Please use `:allow_authorized` instead."
+
+          mode = :allow_authorized
+        end
+
+        warn <<~DEP unless mode == :allow_authorized || mode == :allow_all
+          [DEPRECATION] unknown authorization mode #{mode}. Expected `:allow_all` or `:allow_authorized`.
+        DEP
+
+        @authorization_mode = mode
+      end
+
+      def assets_url=(lmbda)
+        if defined?(Rack::MiniProfilerRails)
+          Rack::MiniProfilerRails.create_engine
+        end
+        @assets_url = lmbda
+      end
+
       def vertical_position
         position.include?('bottom') ? 'bottom' : 'top'
       end

data/lib/mini_profiler/gc_profiler.rb

@@ -151,7 +151,7 @@ String stats:
       body << "#{count} : #{string}\n"
     end
 
-    return [200, { 'Content-Type' => 'text/plain' }, body]
+    [200, { 'Content-Type' => 'text/plain' }, body]
   ensure
     prev_gc_state ? GC.disable : GC.enable
   end

data/lib/mini_profiler/profiler.rb

@@ -1,10 +1,17 @@
 # frozen_string_literal: true
 
+require 'cgi'
+
 module Rack
   class MiniProfiler
     class << self
 
       include Rack::MiniProfiler::ProfilingMethods
+      attr_accessor :subscribe_sql_active_record
+
+      def patch_rails?
+        !!defined?(Rack::MINI_PROFILER_ENABLE_RAILS_PATCHES)
+      end
 
       def generate_id
         rand(36**20).to_s(36)
@@ -33,9 +40,21 @@ module Rack
 
       def current=(c)
         # we use TLS cause we need access to this from sql blocks and code blocks that have no access to env
+        Thread.current[:mini_profiler_snapshot_custom_fields] = nil
+        Thread.current[:mp_ongoing_snapshot] = nil
         Thread.current[:mini_profiler_private] = c
       end
 
+      def add_snapshot_custom_field(key, value)
+        thread_var_key = :mini_profiler_snapshot_custom_fields
+        Thread.current[thread_var_key] ||= {}
+        Thread.current[thread_var_key][key] = value
+      end
+
+      def get_snapshot_custom_fields
+        Thread.current[:mini_profiler_snapshot_custom_fields]
+      end
+
       # discard existing results, don't track this request
       def discard_results
         self.current.discard = true if current
@@ -62,6 +81,32 @@ module Rack
         Thread.current[:mp_authorized]
       end
 
+      def advanced_tools_message
+        <<~TEXT
+          This feature is disabled by default, to enable set the enable_advanced_debugging_tools option to true in Mini Profiler config.
+        TEXT
+      end
+
+      def binds_to_params(binds)
+        return if binds.nil? || config.max_sql_param_length == 0
+        # map ActiveRecord::Relation::QueryAttribute to [name, value]
+        params = binds.map { |c| c.kind_of?(Array) ? [c.first, c.last] : [c.name, c.value] }
+        if (skip = config.skip_sql_param_names)
+          params.map { |(n, v)| n =~ skip ? [n, nil] : [n, v] }
+        else
+          params
+        end
+      end
+
+      def snapshots_transporter?
+        !!config.snapshots_transport_destination_url &&
+        !!config.snapshots_transport_auth_key
+      end
+
+      def redact_sql_queries?
+        Thread.current[:mp_ongoing_snapshot] == true &&
+        Rack::MiniProfiler.config.snapshots_redact_sql_queries
+      end
     end
 
     #
@@ -71,7 +116,7 @@ module Rack
       MiniProfiler.config.merge!(config)
       @config = MiniProfiler.config
       @app    = app
-      @config.base_url_path << "/" unless @config.base_url_path.end_with? "/"
+      @config.base_url_path += "/" unless @config.base_url_path.end_with? "/"
       unless @config.storage_instance
         @config.storage_instance = @config.storage.new(@config.storage_options)
       end
@@ -84,15 +129,24 @@ module Rack
 
     def serve_results(env)
       request     = Rack::Request.new(env)
-      id          = request[:id]
-      page_struct = @storage.load(id)
-      unless page_struct
+      id          = request.params['id']
+      is_snapshot = request.params['snapshot']
+      is_snapshot = [true, "true"].include?(is_snapshot)
+      if is_snapshot
+        page_struct = @storage.load_snapshot(id)
+      else
+        page_struct = @storage.load(id)
+      end
+      if !page_struct && is_snapshot
+        id = ERB::Util.html_escape(id)
+        return [404, {}, ["Snapshot with id '#{id}' not found"]]
+      elsif !page_struct
         @storage.set_viewed(user(env), id)
-        id        = ERB::Util.html_escape(request['id'])
+        id        = ERB::Util.html_escape(id)
         user_info = ERB::Util.html_escape(user(env))
         return [404, {}, ["Request not found: #{id} - user #{user_info}"]]
       end
-      unless page_struct[:has_user_viewed]
+      if !page_struct[:has_user_viewed] && !is_snapshot
         page_struct[:client_timings]  = TimerStruct::Client.init_from_form_data(env, page_struct)
         page_struct[:has_user_viewed] = true
         @storage.save(page_struct)
@@ -127,11 +181,13 @@ module Rack
       file_name = path.sub(@config.base_url_path, '')
 
       return serve_results(env) if file_name.eql?('results')
+      return handle_snapshots_request(env) if file_name.eql?('snapshots')
+      return serve_flamegraph(env) if file_name.eql?('flamegraph')
 
       resources_env = env.dup
       resources_env['PATH_INFO'] = file_name
 
-      rack_file = Rack::File.new(MiniProfiler.resources_root, 'Cache-Control' => 'max-age:86400')
+      rack_file = Rack::File.new(MiniProfiler.resources_root, 'Cache-Control' => "max-age=#{cache_control_value}")
       rack_file.call(resources_env)
     end
 
@@ -147,11 +203,18 @@ module Rack
       @config
     end
 
-    def call(env)
+    def advanced_debugging_enabled?
+      config.enable_advanced_debugging_tools
+    end
+
+    def tool_disabled_message(client_settings)
+      client_settings.handle_cookie(text_result(Rack::MiniProfiler.advanced_tools_message))
+    end
 
+    def call(env)
       start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
       client_settings = ClientSettings.new(env, @storage, start)
-      MiniProfiler.deauthorize_request if @config.authorization_mode == :whitelist
+      MiniProfiler.deauthorize_request if @config.authorization_mode == :allow_authorized
 
       status = headers = body = nil
       query_string = env['QUERY_STRING']
@@ -160,15 +223,31 @@ module Rack
       # Someone (e.g. Rails engine) could change the SCRIPT_NAME so we save it
       env['RACK_MINI_PROFILER_ORIGINAL_SCRIPT_NAME'] = ENV['PASSENGER_BASE_URI'] || env['SCRIPT_NAME']
 
-      skip_it = (@config.pre_authorize_cb && !@config.pre_authorize_cb.call(env)) ||
-                (@config.skip_paths && @config.skip_paths.any? { |p| path.start_with?(p) }) ||
-                query_string =~ /pp=skip/
+      skip_it = /pp=skip/.match?(query_string) || (
+        @config.skip_paths &&
+        @config.skip_paths.any? do |p|
+          if p.instance_of?(String)
+            path.start_with?(p)
+          elsif p.instance_of?(Regexp)
+            p.match?(path)
+          end
+        end
+      )
+      if skip_it
+        return client_settings.handle_cookie(@app.call(env))
+      end
+
+      skip_it = (@config.pre_authorize_cb && !@config.pre_authorize_cb.call(env))
 
       if skip_it || (
-        @config.authorization_mode == :whitelist &&
+        @config.authorization_mode == :allow_authorized &&
         !client_settings.has_valid_cookie?
       )
-        return client_settings.handle_cookie(@app.call(env))
+        if take_snapshot?(path)
+          return client_settings.handle_cookie(take_snapshot(env, start))
+        else
+          return client_settings.handle_cookie(@app.call(env))
+        end
       end
 
       # handle all /mini-profiler requests here
@@ -195,12 +274,23 @@ module Rack
 
       # profile gc
       if query_string =~ /pp=profile-gc/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
         current.measure = false if current
         return client_settings.handle_cookie(Rack::MiniProfiler::GCProfiler.new.profile_gc(@app, env))
       end
 
       # profile memory
       if query_string =~ /pp=profile-memory/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
+
+        unless defined?(MemoryProfiler) && MemoryProfiler.respond_to?(:report)
+          message = "Please install the memory_profiler gem and require it: add gem 'memory_profiler' to your Gemfile"
+          _, _, body = @app.call(env)
+          body.close if body.respond_to? :close
+
+          return client_settings.handle_cookie(text_result(message))
+        end
+
         query_params = Rack::Utils.parse_nested_query(query_string)
         options = {
           ignore_files: query_params['memory_profiler_ignore_files'],
@@ -256,27 +346,40 @@ module Rack
         # Prevent response body from being compressed
         env['HTTP_ACCEPT_ENCODING'] = 'identity' if config.suppress_encoding
 
-        if query_string =~ /pp=flamegraph/
-          unless defined?(Flamegraph) && Flamegraph.respond_to?(:generate)
-
-            flamegraph = "Please install the flamegraph gem and require it: add gem 'flamegraph' to your Gemfile"
-            status, headers, body = @app.call(env)
+        if query_string =~ /pp=(async-)?flamegraph/ || env['HTTP_REFERER'] =~ /pp=async-flamegraph/
+          unless defined?(StackProf) && StackProf.respond_to?(:run)
+            headers = { 'Content-Type' => 'text/html' }
+            message = "Please install the stackprof gem and require it: add gem 'stackprof' to your Gemfile"
+            body.close if body.respond_to? :close
+            return client_settings.handle_cookie([500, headers, message])
           else
             # do not sully our profile with mini profiler timings
             current.measure = false
             match_data      = query_string.match(/flamegraph_sample_rate=([\d\.]+)/)
 
-            mode = query_string =~ /mode=c/ ? :c : :ruby
-
             if match_data && !match_data[1].to_f.zero?
               sample_rate = match_data[1].to_f
             else
               sample_rate = config.flamegraph_sample_rate
             end
-            flamegraph = Flamegraph.generate(nil, fidelity: sample_rate, embed_resources: query_string =~ /embed/, mode: mode) do
+            flamegraph = StackProf.run(
+              mode: :wall,
+              raw: true,
+              aggregate: false,
+              interval: (sample_rate * 1000).to_i
+            ) do
               status, headers, body = @app.call(env)
             end
           end
+        elsif path == '/rack-mini-profiler/requests'
+          blank_page_html = <<~HTML
+            <html>
+              <head></head>
+              <body></body>
+            </html>
+          HTML
+
+          status, headers, body = [200, { 'Content-Type' => 'text/html' }, [blank_page_html.dup]]
         else
           status, headers, body = @app.call(env)
         end
@@ -287,7 +390,7 @@ module Rack
 
       skip_it = current.discard
 
-      if (config.authorization_mode == :whitelist && !MiniProfiler.request_authorized?)
+      if (config.authorization_mode == :allow_authorized && !MiniProfiler.request_authorized?)
         skip_it = true
       end
 
@@ -307,12 +410,14 @@ module Rack
         return client_settings.handle_cookie(dump_exceptions exceptions)
       end
 
-      if query_string =~ /pp=env/ && !config.disable_env_dump
+      if query_string =~ /pp=env/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
         body.close if body.respond_to? :close
         return client_settings.handle_cookie(dump_env env)
       end
 
       if query_string =~ /pp=analyze-memory/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
         body.close if body.respond_to? :close
         return client_settings.handle_cookie(analyze_memory)
       end
@@ -326,9 +431,12 @@ module Rack
       page_struct[:user] = user(env)
       page_struct[:root].record_time((Process.clock_gettime(Process::CLOCK_MONOTONIC) - start) * 1000)
 
-      if flamegraph
+      if flamegraph && query_string =~ /pp=flamegraph/
         body.close if body.respond_to? :close
-        return client_settings.handle_cookie(self.flamegraph(flamegraph))
+        return client_settings.handle_cookie(self.flamegraph(flamegraph, path))
+      elsif flamegraph # async-flamegraph
+        page_struct[:has_flamegraph] = true
+        page_struct[:flamegraph] = flamegraph
       end
 
       begin
@@ -369,7 +477,7 @@ module Rack
 
       # inject header
       if headers.is_a? Hash
-        headers['X-MiniProfiler-Ids'] = ids_json(env)
+        headers['X-MiniProfiler-Ids'] = ids_comma_separated(env)
       end
 
       if current.inject_js && content_type =~ /text\/html/
@@ -397,7 +505,13 @@ module Rack
         if script.respond_to?(:encoding) && script.respond_to?(:force_encoding)
           script = script.force_encoding(fragment.encoding)
         end
-        fragment.insert(index, script)
+
+        safe_script = script
+        if script.respond_to?(:html_safe)
+          safe_script = script.html_safe
+        end
+
+        fragment.insert(index, safe_script)
       else
         fragment
       end
@@ -522,7 +636,7 @@ module Rack
 
     def make_link(postfix, env)
       link = env["PATH_INFO"] + "?" + env["QUERY_STRING"].sub("pp=help", "pp=#{postfix}")
-      "pp=<a href='#{link}'>#{postfix}</a>"
+      "pp=<a href='#{ERB::Util.html_escape(link)}'>#{postfix}</a>"
     end
 
     def help(client_settings, env)
@@ -539,13 +653,14 @@ Append the following to your query string:
   #{make_link "full-backtrace", env} #{"(*) " if client_settings.backtrace_full?}: enable full backtraces for SQL executed (use pp=normal-backtrace to disable)
   #{make_link "disable", env} : disable profiling for this session
   #{make_link "enable", env} : enable profiling for this session (if previously disabled)
-  #{make_link "profile-gc", env} : perform gc profiling on this request, analyzes ObjectSpace generated by request (ruby 1.9.3 only)
+  #{make_link "profile-gc", env} : perform gc profiling on this request, analyzes ObjectSpace generated by request
   #{make_link "profile-memory", env} : requires the memory_profiler gem, new location based report
-  #{make_link "flamegraph", env} : works best on Ruby 2.0, a graph representing sampled activity (requires the flamegraph gem).
+  #{make_link "flamegraph", env} : a graph representing sampled activity (requires the stackprof gem).
+  #{make_link "async-flamegraph", env} : store flamegraph data for this page and all its AJAX requests. Flamegraph links will be available in the mini-profiler UI (requires the stackprof gem).
   #{make_link "flamegraph&flamegraph_sample_rate=1", env}: creates a flamegraph with the specified sample rate (in ms). Overrides value set in config
-  #{make_link "flamegraph_embed", env} : works best on Ruby 2.0, a graph representing sampled activity (requires the flamegraph gem), embedded resources for use on an intranet.
-  #{make_link "trace-exceptions", env} : requires Ruby 2.0, will return all the spots where your application raises exceptions
-  #{make_link "analyze-memory", env} : requires Ruby 2.0, will perform basic memory analysis of heap
+  #{make_link "flamegraph_embed", env} : a graph representing sampled activity (requires the stackprof gem), embedded resources for use on an intranet.
+  #{make_link "trace-exceptions", env} : will return all the spots where your application raises exceptions
+  #{make_link "analyze-memory", env} : will perform basic memory analysis of heap
 </pre>
 </body>
 </html>
@@ -554,9 +669,33 @@ Append the following to your query string:
       [200, headers, [body]]
     end
 
-    def flamegraph(graph)
+    def flamegraph(graph, path)
       headers = { 'Content-Type' => 'text/html' }
-      [200, headers, [graph]]
+      html = <<~HTML
+        <!DOCTYPE html>
+        <html>
+          <head>
+            <style>
+              body { margin: 0; height: 100vh; }
+              #speedscope-iframe { width: 100%; height: 100%; border: none; }
+            </style>
+          </head>
+          <body>
+            <script type="text/javascript">
+              var graph = #{JSON.generate(graph)};
+              var json = JSON.stringify(graph);
+              var blob = new Blob([json], { type: 'text/plain' });
+              var objUrl = encodeURIComponent(URL.createObjectURL(blob));
+              var iframe = document.createElement('IFRAME');
+              iframe.setAttribute('id', 'speedscope-iframe');
+              document.body.appendChild(iframe);
+              var iframeUrl = '#{@config.base_url_path}speedscope/index.html#profileURL=' + objUrl + '&title=' + 'Flamegraph for #{CGI.escape(path)}';
+              iframe.setAttribute('src', iframeUrl);
+            </script>
+          </body>
+        </html>
+      HTML
+      [200, headers, [html]]
     end
 
     def ids(env)
@@ -568,10 +707,6 @@ Append the following to your query string:
       all
     end
 
-    def ids_json(env)
-      ::JSON.generate(ids(env))
-    end
-
     def ids_comma_separated(env)
       ids(env).join(",")
     end
@@ -584,10 +719,20 @@ Append the following to your query string:
     # * you do not want script to be automatically appended for the current page. You can also call cancel_auto_inject
     def get_profile_script(env)
       path = "#{env['RACK_MINI_PROFILER_ORIGINAL_SCRIPT_NAME']}#{@config.base_url_path}"
+      version = MiniProfiler::ASSET_VERSION
+      if @config.assets_url
+        url = @config.assets_url.call('rack-mini-profiler.js', version, env)
+        css_url = @config.assets_url.call('rack-mini-profiler.css', version, env)
+      end
+
+      url = "#{path}includes.js?v=#{version}" if !url
+      css_url = "#{path}includes.css?v=#{version}" if !css_url
 
       settings = {
        path: path,
-       version: MiniProfiler::ASSET_VERSION,
+       url: url,
+       cssUrl: css_url,
+       version: version,
        verticalPosition: @config.vertical_position,
        horizontalPosition: @config.horizontal_position,
        showTrivial: @config.show_trivial,
@@ -599,7 +744,8 @@ Append the following to your query string:
        toggleShortcut: @config.toggle_shortcut,
        startHidden: @config.start_hidden,
        collapseResults: @config.collapse_results,
-       htmlContainer: @config.html_container
+       htmlContainer: @config.html_container,
+       hiddenCustomFields: @config.snapshot_hidden_custom_fields.join(',')
       }
 
       if current && current.page_struct
@@ -627,5 +773,127 @@ Append the following to your query string:
       current.inject_js = false
     end
 
+    def cache_control_value
+      86400
+    end
+
+    private
+
+    def handle_snapshots_request(env)
+      self.current = nil
+      MiniProfiler.authorize_request
+      status = 200
+      headers = { 'Content-Type' => 'text/html' }
+      qp = Rack::Utils.parse_nested_query(env['QUERY_STRING'])
+      if group_name = qp["group_name"]
+        list = @storage.find_snapshots_group(group_name)
+        list.each do |snapshot|
+          snapshot[:url] = url_for_snapshot(snapshot[:id])
+        end
+        data = {
+          group_name: group_name,
+          list: list
+        }
+      else
+        list = @storage.snapshot_groups_overview
+        list.each do |group|
+          group[:url] = url_for_snapshots_group(group[:name])
+        end
+        data = {
+          page: "overview",
+          list: list
+        }
+      end
+      data_html = <<~HTML
+        <div style="display: none;" id="snapshots-data">
+        #{data.to_json}
+        </div>
+      HTML
+      response = Rack::Response.new([], status, headers)
+
+      response.write <<~HTML
+        <html>
+          <head></head>
+          <body class="mp-snapshots">
+      HTML
+      response.write(data_html)
+      script = self.get_profile_script(env)
+      response.write(script)
+      response.write <<~HTML
+          </body>
+        </html>
+      HTML
+      response.finish
+    end
+
+    def serve_flamegraph(env)
+      request     = Rack::Request.new(env)
+      id          = request.params['id']
+      page_struct = @storage.load(id)
+
+      if !page_struct
+        id        = ERB::Util.html_escape(id)
+        user_info = ERB::Util.html_escape(user(env))
+        return [404, {}, ["Request not found: #{id} - user #{user_info}"]]
+      end
+
+      if !page_struct[:flamegraph]
+        return [404, {}, ["No flamegraph available for #{ERB::Util.html_escape(id)}"]]
+      end
+
+      self.flamegraph(page_struct[:flamegraph], page_struct[:request_path])
+    end
+
+    def rails_route_from_path(path, method)
+      if defined?(Rails) && defined?(ActionController::RoutingError)
+        hash = Rails.application.routes.recognize_path(path, method: method)
+        if hash && hash[:controller] && hash[:action]
+          "#{method} #{hash[:controller]}##{hash[:action]}"
+        end
+      end
+    rescue ActionController::RoutingError
+      nil
+    end
+
+    def url_for_snapshots_group(group_name)
+      qs = Rack::Utils.build_query({ group_name: group_name })
+      "/#{@config.base_url_path.gsub('/', '')}/snapshots?#{qs}"
+    end
+
+    def url_for_snapshot(id)
+      qs = Rack::Utils.build_query({ id: id, snapshot: true })
+      "/#{@config.base_url_path.gsub('/', '')}/results?#{qs}"
+    end
+
+    def take_snapshot?(path)
+      @config.snapshot_every_n_requests > 0 &&
+      !path.start_with?(@config.base_url_path) &&
+      @storage.should_take_snapshot?(@config.snapshot_every_n_requests)
+    end
+
+    def take_snapshot(env, start)
+      MiniProfiler.create_current(env, @config)
+      Thread.current[:mp_ongoing_snapshot] = true
+      results = @app.call(env)
+      status = results[0].to_i
+      if status >= 200 && status < 300
+        page_struct = current.page_struct
+        page_struct[:root].record_time(
+          (Process.clock_gettime(Process::CLOCK_MONOTONIC) - start) * 1000
+        )
+        custom_fields = MiniProfiler.get_snapshot_custom_fields
+        page_struct[:custom_fields] = custom_fields if custom_fields
+        if Rack::MiniProfiler.snapshots_transporter?
+          Rack::MiniProfiler::SnapshotsTransporter.transport(page_struct)
+        else
+          @storage.push_snapshot(
+            page_struct,
+            @config
+          )
+        end
+      end
+      self.current = nil
+      results
+    end
   end
 end