rack-mini-profiler 1.0.2 → 3.1.0

data/README.md

@@ -1,8 +1,8 @@
 # rack-mini-profiler
 
-[![Code Climate](https://codeclimate.com/github/MiniProfiler/rack-mini-profiler/badges/gpa.svg)](https://codeclimate.com/github/MiniProfiler/rack-mini-profiler) [![Build Status](https://travis-ci.org/MiniProfiler/rack-mini-profiler.svg)](https://travis-ci.org/MiniProfiler/rack-mini-profiler)
+Middleware that displays speed badge for every HTML page, along with (optional) flamegraphs and memory profiling. Designed to work both in production and in development.
 
-Middleware that displays speed badge for every html page. Designed to work both in production and in development.
+![Screenshot 2023-04-05 at 3 13 52 PM](https://user-images.githubusercontent.com/845662/229996538-0f2d9c48-23d9-4d53-a1de-8b4c84c87fbd.png)
 
 #### Features
 
@@ -19,18 +19,17 @@ Middleware that displays speed badge for every html page. Designed to work both
 
 ## rack-mini-profiler needs your help
 
-We have decided to restructure our repository so there is a central UI repo and the various language implementation have their own.
+We have decided to restructure our repository so there is a central UI repo and the various language implementations have their own.
 
 **WE NEED HELP.**
 
-- Setting up a build that reuses https://github.com/MiniProfiler/ui
-- Migrating the internal data structures [per the spec](https://github.com/MiniProfiler/ui)
+- Help [triage issues](https://www.codetriage.com/miniprofiler/rack-mini-profiler) [![Open Source Helpers](https://www.codetriage.com/miniprofiler/rack-mini-profiler/badges/users.svg)](https://www.codetriage.com/miniprofiler/rack-mini-profiler)
 
 If you feel like taking on any of this start an issue and update us on your progress.
 
 ## Installation
 
-Install/add to Gemfile in Ruby 2.3+
+Install/add to Gemfile in Ruby 2.6+
 
 ```ruby
 gem 'rack-mini-profiler'
@@ -44,7 +43,6 @@ You can also include optional libraries to enable additional features.
 gem 'memory_profiler'
 
 # For call-stack profiling flamegraphs
-gem 'flamegraph'
 gem 'stackprof'
 ```
 
@@ -52,9 +50,49 @@ gem 'stackprof'
 
 All you have to do is to include the Gem and you're good to go in development. See notes below for use in production.
 
+#### Upgrading to version 2.0.0
+
+Prior to version 2.0.0, Mini Profiler patched various Rails methods to get the information it needed such as template rendering time. Starting from version 2.0.0, Mini Profiler doesn't patch any Rails methods by default and relies on `ActiveSupport::Notifications` to get the information it needs from Rails. If you want Mini Profiler to keep using its patches in version 2.0.0 and later, change the gem line in your `Gemfile` to the following:
+
+If you want to manually require Mini Profiler:
+```ruby
+gem 'rack-mini-profiler', require: ['enable_rails_patches']
+```
+
+If you don't want to manually require Mini Profiler:
+```ruby
+gem 'rack-mini-profiler', require: ['enable_rails_patches', 'rack-mini-profiler']
+```
+
+#### `Net::HTTP` stack level too deep errors
+
+If you start seeing `SystemStackError: stack level too deep` errors from `Net::HTTP` after installing Mini Profiler, this means there is another patch for `Net::HTTP#request` that conflicts with Mini Profiler's patch in your application. To fix this, change `rack-mini-profiler` gem line in your `Gemfile` to the following:
+
+```ruby
+gem 'rack-mini-profiler', require: ['prepend_net_http_patch', 'rack-mini-profiler']
+```
+
+If you currently have `require: false`, remove the `'rack-mini-profiler'` string from the `require` array above so the gem line becomes like this:
+
+```ruby
+gem 'rack-mini-profiler', require: ['prepend_net_http_patch']
+```
+
+This conflict happens when a ruby method is patched twice, once using module prepend, and once using method aliasing. See this [ruby issue](https://bugs.ruby-lang.org/issues/11120) for details. The fix is to apply all patches the same way. Mini Profiler by default will apply its patch using method aliasing, but you can change that to module prepend by adding `require: ['prepend_net_http_patch']` to the gem line as shown above.
+
+#### `peek-mysql2` stack level too deep errors
+
+If you use peek-mysql2 with Rails >= 5, you'll need to use this gem spec in your Gemfile:
+
+```ruby
+gem 'rack-mini-profiler', require: ['prepend_mysql2_patch', 'rack-mini-profiler']
+```
+
+This should not be necessary with Rails < 5 because peek-mysql2 hooks into mysql2 gem in different ways depending on your Rails version.
+
 #### Rails and manual initialization
 
-In case you need to make sure rack_mini_profiler initialized is after all other gems, or you want to execute some code before rack_mini_profiler required:
+In case you need to make sure rack_mini_profiler is initialized after all other gems, or you want to execute some code before rack_mini_profiler required:
 
 ```ruby
 gem 'rack-mini-profiler', require: false
@@ -65,7 +103,7 @@ be loaded outright, and an attempt to re-initialize it manually will raise an ex
 Then run the generator which will set up rack-mini-profiler in development:
 
 ```bash
-bundle exec rails g rack_profiler:install
+bundle exec rails g rack_mini_profiler:install
 ```
 
 #### Rack Builder
@@ -128,12 +166,24 @@ export RACK_MINI_PROFILER_PATCH="false"
 # initializers/rack_profiler.rb: SqlPatches.patch %w(mongo)
 ```
 
+#### Patching Net::HTTP
+
+Other than databases, `rack-mini-profiler` applies a patch to `Net::HTTP`. You may want to disable this patch:
+
+```bash
+export RACK_MINI_PROFILER_PATCH_NET_HTTP="false"
+```
+
 ### Flamegraphs
 
-To generate [flamegraphs](http://samsaffron.com/archive/2013/03/19/flame-graphs-in-ruby-miniprofiler):
+To generate [flamegraphs](http://samsaffron.com/archive/2013/03/19/flame-graphs-in-ruby-miniprofiler), add the [**stackprof**](https://rubygems.org/gems/stackprof) gem to your Gemfile.
+
+Then, to view the flamegraph as a direct HTML response from your request, just visit any page in your app with `?pp=flamegraph` appended to the URL.
 
-* add the [**flamegraph**](https://github.com/SamSaffron/flamegraph) gem to your Gemfile
-* visit a page in your app with `?pp=flamegraph`
+Conversely, if you want your regular response instead (which is specially useful for JSON and/or XHR requests), just append the `?pp=async-flamegraph` parameter to your request/fetch URL; the request will then return as normal, and the flamegraph data will be stored for later *async* viewing, both for this request and for all subsequent requests made by this page (based on the `REFERER` header). For viewing these async flamegraphs, use the 'flamegraph' link that will appear inside the MiniProfiler UI for these requests.
+
+Note: Mini Profiler will not record SQL timings for a request if it asks for a flamegraph. The rationale behind this is to keep
+Mini Profiler's methods that are responsible for generating the timings data out of the flamegraph.
 
 ### Memory Profiling
 
@@ -157,6 +207,30 @@ There are two additional `pp` options that can be used to analyze memory which d
 * Use `?pp=profile-gc` to report on Garbage Collection statistics
 * Use `?pp=analyze-memory` to report on ObjectSpace statistics
 
+### Snapshots Sampling
+
+In a complex web application, it's possible for a request to trigger rare conditions that result in poor performance. Mini Profiler ships with a feature to help detect those rare conditions and fix them. It works by enabling invisible profiling on one request every N requests, and saving the performance metrics that are collected during the request (a.k.a snapshot of the request) so that they can be viewed later. To turn this feature on, set the `snapshot_every_n_requests` config to a value larger than 0. The larger the value is, the less frequently requests are profiled.
+
+Mini Profiler will exclude requests that are made to skipped paths (see `skip_paths` config below) from being sampled. Additionally, if profiling is enabled for a request that later finishes with a non-2xx status code, Mini Profiler will discard the snapshot and not save it (this behavior may change in the future).
+
+After enabling snapshots sampling, you can see the snapshots that have been collected at `/mini-profiler-resources/snapshots` (or if you changed the `base_url_path` config, substitute `mini-profiler-resources` with your value of the config). You'll see on that page a table where each row represents a group of snapshots with the duration of the worst snapshot in that group. The worst snapshot in a group is defined as the snapshot whose request took longer than all of the snapshots in the same group. Snapshots grouped by HTTP method and path of the request, and if your application is a Rails app, Mini Profiler will try to convert the path to `controller#action` and group by that instead of request path. Clicking on a group will display the snapshots of that group sorted from worst to best. From there, you can click on a snapshot's ID to see the snapshot with all the performance metrics that were collected.
+
+Access to the snapshots page is restricted to only those who can see the speed badge on their own requests, see the section below this one about access control.
+
+Mini Profiler will keep a maximum of 50 snapshot groups and a maximum of 15 snapshots per group making the default maximum number of snapshots in the system 750. The default group and per group limits can be changed via the `max_snapshot_groups` and `max_snapshots_per_group` configuration options, see the configurations table below.
+
+#### Snapshots Transporter
+
+Mini Profiler can be configured so that it sends snapshots over HTTP using the snapshots transporter. The main use-case of the transporter is to allow the aggregation of snapshots from multiple applications/sources in a single place. To enable the snapshots transporter, you need to provide a destination URL to the `snapshots_transport_destination_url` config, and a secure key to the `snapshots_transport_auth_key` config (will be used for authorization). Both of these configs are required for the transporter to be enabled.
+
+The transporter uses a buffer to temporarily hold snapshots in memory with a limit of 100 snapshots. Every 30 seconds, *if* the buffer is not empty, the transporter will make a `POST` request with the buffer content to the destination URL. Requests made by the transporter will have a `Mini-Profiler-Transport-Auth` header with the value of the `snapshots_transport_auth_key` config. The destination should only accept requests that include this header AND the header's value matches the key you set to the `snapshots_transport_auth_key` config.
+
+If the specified destination responds with a non-200 status code, the transporter will increase the interval between requests by `2^n` seconds where `n` is the number of failed requests since the last successful request. The base interval between requests is 30 seconds. So if a request fails, the next request will be `30 + 2^1 = 32` seconds later. If the next request fails too, the next one will be `30 + 2^2 = 34` seconds later and so on until a request succeeds at which point the interval will return to 30 seconds. The interval will not go beyond 1 hour.
+
+Requests made by the transporter can be optionally gzip-compressed by setting the `snapshots_transport_gzip_requests` config to true. The body of the requests (after decompression, if you opt for compression) is a JSON string with a single top-level key called `snapshots` and it has an array of snapshots. The structure of a snapshot is too complex to be explained here, but it has the same structure that Mini Profiler client expects. So if your use-case is to simply be able to view snapshots from multiple sources in one place, you should simply store the snapshots as-is, and then serve them to Mini Profiler client to consume. If the destination application also has Mini Profiler, you can simply use the API of the storage backends to store the incoming snapshots and Mini Profiler will treat them the same as local snapshots (e.g. they'll be grouped and displayed in the same manner described in the previous section).
+
+Mini Profiler offers an API to add extra fields (a.k.a custom fields) to snapshots. For example, you may want to add whether the request was made by a logged-in or anonymous user, the version of your application or any other things that are specific to your application. To add custom fields to a snapshot, call the `Rack::MiniProfiler.add_snapshot_custom_field(<key>, <value>)` method anywhere during the lifetime of a request, and the snapshot of that request will include the fields you added. If you have a Rails app, you can call that method in an `after_action` callback. Custom fields are cleared between requests.
+
 ## Access control in non-development environments
 
 rack-mini-profiler is designed with production profiling in mind. To enable that run `Rack::MiniProfiler.authorize_request` once you know a request is allowed to profile.
@@ -175,18 +249,25 @@ rack-mini-profiler is designed with production profiling in mind. To enable that
 
 Note:
 
-Out-of-the-box we will initialize the `authorization_mode` to `:whitelist` in production. However, in some cases we may not be able to do it:
+Out-of-the-box we will initialize the `authorization_mode` to `:allow_authorized` in production. However, in some cases we may not be able to do it:
 
-- If you are running in development or test we will not enable whitelist mode
+- If you are running in development or test we will not enable the explicit authorization mode
 - If you use `require: false` on rack_mini_profiler we are unlikely to be able to run the railtie
 - If you are running outside of rails we will not run the railtie
 
 In those cases use:
 
 ```ruby
-Rack::MiniProfiler.config.authorization_mode = :whitelist
+Rack::MiniProfiler.config.authorization_mode = :allow_authorized
 ```
 
+When deciding to fully profile a page mini profiler consults with the `authorization_mode`
+
+By default in production we attempt to set the authorization mode to `:allow_authorized` meaning that end user will only be able to see requests where somewhere `Rack::MiniProfiler.authorize_request` is invoked.
+
+In development we run in the `:allow_all` authorization mode meaning every request is profiled and displayed to the end user.
+
+
 ## Configuration
 
 Various aspects of rack-mini-profiler's behavior can be configured when your app boots.
@@ -221,8 +302,7 @@ Rack::MiniProfiler.config.storage = Rack::MiniProfiler::MemoryStore
 
 # set RedisStore
 if Rails.env.production?
-  uri = URI.parse(ENV["REDIS_SERVER_URL"])
-  Rack::MiniProfiler.config.storage_options = { :host => uri.host, :port => uri.port, :password => uri.password }
+  Rack::MiniProfiler.config.storage_options = { url: ENV["REDIS_SERVER_URL"] }
   Rack::MiniProfiler.config.storage = Rack::MiniProfiler::RedisStore
 end
 ```
@@ -277,19 +357,53 @@ Single page applications built using Ember, Angular or other frameworks need som
 On route transition always call:
 
 ```
-window.MiniProfiler.pageTransition();
+if (window.MiniProfiler !== undefined) {
+  window.MiniProfiler.pageTransition();
+}
 ```
 
 This method will remove profiling information that was related to previous page and clear aggregate statistics.
 
 #### MiniProfiler's speed badge on pages that are not generated via Rails
-You need to inject the following in your SPA to load MiniProfiler's speed badge ([extra details surrounding this script](https://github.com/MiniProfiler/rack-mini-profiler/issues/139#issuecomment-192880706)):
+You need to inject the following in your SPA to load MiniProfiler's speed badge ([extra details surrounding this script](https://github.com/MiniProfiler/rack-mini-profiler/issues/139#issuecomment-192880706) and [credit for the script tag](https://github.com/MiniProfiler/rack-mini-profiler/issues/479#issue-782488320) to [@ivanyv](https://github.com/ivanyv)):
 
 ```html
- <script async type="text/javascript" id="mini-profiler" src="/mini-profiler-resources/includes.js?v=12b4b45a3c42e6e15503d7a03810ff33" data-version="12b4b45a3c42e6e15503d7a03810ff33" data-path="/mini-profiler-resources/" data-current-id="redo66j4g1077kto8uh3" data-ids="redo66j4g1077kto8uh3" data-horizontal-position="left" data-vertical-position="top" data-trivial="false" data-children="false" data-max-traces="10" data-controls="false" data-authorized="true" data-toggle-shortcut="Alt+P" data-start-hidden="false" data-collapse-results="true"></script>
+ <script type="text/javascript" id="mini-profiler"
+        src="/mini-profiler-resources/includes.js?v=12b4b45a3c42e6e15503d7a03810ff33"
+        data-css-url="/mini-profiler-resources/includes.css?v=12b4b45a3c42e6e15503d7a03810ff33"
+        data-version="12b4b45a3c42e6e15503d7a03810ff33"
+        data-path="/mini-profiler-resources/"
+        data-horizontal-position="left"
+        data-vertical-position="top"
+        data-ids=""
+        data-trivial="false"
+        data-children="false"
+        data-max-traces="20"
+        data-controls="false"
+        data-total-sql-count="false"
+        data-authorized="true"
+        data-toggle-shortcut="alt+p"
+        data-start-hidden="false"
+        data-collapse-results="true"
+        data-html-container="body"
+        data-hidden-custom-fields></script>
 ```
 
-_Note:_ The GUID (`data-version` and the `?v=` parameter on the `src`) will change with each release of `rack_mini_profiler`. The MiniProfiler's speed badge will continue to work, although you will have to change the GUID to expire the script to fetch the most recent version.
+See an [example of how to do this in a React useEffect](https://gist.github.com/katelovescode/01cfc2b962c165193b160fd10af6c4d5).
+
+_Note:_ The GUID (`data-version` and the `?v=` parameter on the `src` and `data-css-url`) will change with each release of `rack_mini_profiler`. The MiniProfiler's speed badge will continue to work, although you will have to change the GUID to expire the script to fetch the most recent version.
+
+#### Using MiniProfiler's built in route for apps without HTML responses
+MiniProfiler also ships with a `/rack-mini-profiler/requests` route that displays the speed badge on a blank HTML page. This can be useful when profiling an application that does not render HTML.
+
+#### Register MiniProfiler's assets in the Rails assets pipeline
+MiniProfiler can be configured so it registers its assets in the assets pipeline. To do that, you'll need to provide a lambda (or proc) to the `assets_url` config (see the below section). The callback will receive 3 arguments which are: `name` represents asset name (currently it's either `rack-mini-profiling.js` or `rack-mini-profiling.css`), `assets_version` is a 32 characters long hash of MiniProfiler's assets, and `env` which is the `env` object of the request. MiniProfiler expects the `assets_url` callback to return a URL from which the asset can be loaded (the return value will be used as a `href`/`src` attribute in the DOM). If the `assets_url` callback is not set (the default) or it returns a non-truthy value, MiniProfiler will fallback to loading assets from its own middleware (`/mini-profiler-resources/*`). The following callback should work for most applications:
+
+```ruby
+Rack::MiniProfiler.config.assets_url = ->(name, version, env) {
+  ActionController::Base.helpers.asset_path(name)
+}
+```
 
 ### Configuration Options
 
@@ -302,98 +416,91 @@ Rack::MiniProfiler.config.start_hidden = true
 ```
 The available configuration options are:
 
-Option|Default|Description
--------|---|--------
-pre_authorize_cb|Rails: dev only<br>Rack: always on|A lambda callback that returns true to make mini_profiler visible on a given request.
-position|`'top-left'`|Display mini_profiler on `'top-right'`, `'top-left'`, `'bottom-right'` or `'bottom-left'`.
-skip_paths|`[]`|Paths that skip profiling.
-skip_schema_queries|Rails dev: `'true'`<br>Othwerwise: `'false'`|`'true'` to log schema queries.
-auto_inject|`true`|`true` to inject the miniprofiler script in the page.
-backtrace_ignores|`[]`|Regexes of lines to be removed from backtraces.
-backtrace_includes|Rails: `[/^\/?(app|config|lib|test)/]`<br>Rack: `[]`|Regexes of lines to keep in backtraces.
-backtrace_remove|rails: `Rails.root`<br>Rack: `nil`|A string or regex to remove part of each line in the backtrace.
-toggle_shortcut|Alt+P|Keyboard shortcut to toggle the mini_profiler's visibility. See [jquery.hotkeys](https://github.com/jeresig/jquery.hotkeys).
-start_hidden|`false`|`false` to make mini_profiler visible on page load.
-backtrace_threshold_ms|`0`|Minimum SQL query elapsed time before a backtrace is recorded.
-flamegraph_sample_rate|`0.5`|How often to capture stack traces for flamegraphs in milliseconds.
-disable_env_dump|`false`|`true` disables `?pp=env`, which prevents sending ENV vars over HTTP.
-base_url_path|`'/mini-profiler-resources/'`|Path for assets; added as a prefix when naming assets and sought when responding to requests.
-collapse_results|`true`|If multiple timing results exist in a single page, collapse them till clicked.
-max_traces_to_show|20|Maximum number of mini profiler timing blocks to show on one page
-html_container|`body`|The HTML container (as a jQuery selector) to inject the mini_profiler UI into
-show_total_sql_count|`false`|Displays the total number of SQL executions.
-
-### Custom middleware ordering (required if using `Rack::Deflate` with Rails)
-
-If you are using `Rack::Deflate` with rails and rack-mini-profiler in its default configuration,
-`Rack::MiniProfiler` will be injected (as always) at position 0 in the middleware stack. This
-will result in it attempting to inject html into the already-compressed response body. To fix this,
-the middleware ordering must be overriden.
-
-To do this, first add `, require: false` to the gemfile entry for rack-mini-profiler.
-This will prevent the railtie from running. Then, customize the initialization
-in the initializer like so:
+Option                              | Default                                                 | Description
+------------------------------------|---------------------------------------------------------|------------------------
+pre_authorize_cb                    | Rails: dev only<br>Rack: always on                      | A lambda callback that returns true to make mini_profiler visible on a given request.
+position                            | `'top-left'`                                            | Display mini_profiler on `'top-right'`, `'top-left'`, `'bottom-right'` or `'bottom-left'`.
+skip_paths                          | `[]`                                                    | An array of paths that skip profiling. Both `String` and `Regexp` are acceptable in the array.
+skip_schema_queries                 | Rails dev: `true`<br>Othwerwise: `false`                | `true` to skip schema queries.
+auto_inject                         | `true`                                                  | `true` to inject the miniprofiler script in the page.
+backtrace_ignores                   | `[]`                                                    | Regexes of lines to be removed from backtraces.
+backtrace_includes                  | Rails: `[/^\/?(app\|config\|lib\|test)/]`<br>Rack: `[]` | Regexes of lines to keep in backtraces.
+backtrace_remove                    | rails: `Rails.root`<br>Rack: `nil`                      | A string or regex to remove part of each line in the backtrace.
+toggle_shortcut                     | Alt+P                                                   | Keyboard shortcut to toggle the mini_profiler's visibility. See [jquery.hotkeys](https://github.com/jeresig/jquery.hotkeys).
+start_hidden                        | `false`                                                 | `false` to make mini_profiler visible on page load.
+backtrace_threshold_ms              | `0`                                                     | Minimum SQL query elapsed time before a backtrace is recorded.
+flamegraph_sample_rate              | `0.5`                                                   | How often to capture stack traces for flamegraphs in milliseconds.
+flamegraph_mode                     | `:wall`                                                 | The [StackProf mode](https://github.com/tmm1/stackprof#all-options) to pass to `StackProf.run`.
+base_url_path                       | `'/mini-profiler-resources/'`                           | Path for assets; added as a prefix when naming assets and sought when responding to requests.
+cookie_path                         | `'/'`                                                   | Set-Cookie header path for profile cookie
+collapse_results                    | `true`                                                  | If multiple timing results exist in a single page, collapse them till clicked.
+max_traces_to_show                  | 20                                                      | Maximum number of mini profiler timing blocks to show on one page
+html_container                      | `body`                                                  | The HTML container (as a jQuery selector) to inject the mini_profiler UI into
+show_total_sql_count                | `false`                                                 | Displays the total number of SQL executions.
+enable_advanced_debugging_tools     | `false`                                                 | Enables sensitive debugging tools that can be used via the UI. In production we recommend keeping this disabled as memory and environment debugging tools can expose contents of memory that may contain passwords. Defaults to `true` in development.
+assets_url                          | `nil`                                                   | See the "Register MiniProfiler's assets in the Rails assets pipeline" section above.
+snapshot_every_n_requests           | `-1`                                                    | Determines how frequently snapshots are taken. See the "Snapshots Sampling" above for more details.
+max_snapshot_groups                 | `50`                                                    | Determines how many snapshot groups Mini Profiler is allowed to keep.
+max_snapshots_per_group             | `15`                                                    | Determines how many snapshots per group Mini Profiler is allowed to keep.
+snapshot_hidden_custom_fields       | `[]`                                                    | Each snapshot custom field will have a dedicated column in the UI by default. Use this config to exclude certain custom fields from having their own columns.
+snapshots_transport_destination_url | `nil`                                                   | Set this config to a valid URL to enable snapshots transporter which will `POST` snapshots to the given URL. The transporter requires `snapshots_transport_auth_key` config to be set as well.
+snapshots_transport_auth_key        | `nil`                                                   | `POST` requests made by the snapshots transporter to the destination URL will have a `Mini-Profiler-Transport-Auth` header with the value of this config. Make sure you use a secure and random key for this config.
+snapshots_redact_sql_queries        | `true`                                                  | When this is true, SQL queries will be redacted from sampling snapshots, but the backtrace and duration of each SQL query will be saved with the snapshot to keep debugging performance issues possible.
+snapshots_transport_gzip_requests   | `false`                                                 | Make the snapshots transporter gzip the requests it makes to `snapshots_transport_destination_url`.
+content_security_policy_nonce       | Rails: Current nonce<br>Rack: nil                       | Set the content security policy nonce to use when inserting MiniProfiler's script block.
+enable_hotwire_turbo_drive_support  | `false`                                                 | Enable support for Hotwire TurboDrive page transitions.
+profile_parameter                   | `'pp'`                                                  | The query parameter used to interact with this gem.
+
+### Using MiniProfiler with `Rack::Deflate` middleware
+
+If you are using `Rack::Deflate` with Rails and `rack-mini-profiler` in its default configuration,
+`Rack::MiniProfiler` will be injected (as always) at position 0 in the middleware stack,
+which means it will run after `Rack::Deflate` on response processing. To prevent attempting to inject
+HTML in already compressed response body MiniProfiler will suppress compression by setting
+`identity` encoding in `Accept-Encoding` request header.
+
+### Using MiniProfiler with Heroku Redis
+
+If you are using Heroku Redis, you may need to add the following to your `config/initializers/mini_profiler.rb`, in order to get Mini Profiler to work:
 
 ```ruby
-require 'rack-mini-profiler'
-
-Rack::MiniProfilerRails.initialize!(Rails.application)
-
-Rails.application.middleware.delete(Rack::MiniProfiler)
-Rails.application.middleware.insert_after(Rack::Deflater, Rack::MiniProfiler)
+if Rails.env.production?
+  Rack::MiniProfiler.config.storage_options = { 
+    url: ENV["REDIS_URL"],
+    ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
+  }
+  Rack::MiniProfiler.config.storage = Rack::MiniProfiler::RedisStore
+end
 ```
 
-Deleting the middleware and then reinserting it is a bit inelegant, but
-a sufficient and costless solution. It is possible that rack-mini-profiler might
-support this scenario more directly if it is found that
-there is significant need for this confriguration or that
-the above recipe causes problems.
-
+The above code snippet is [Heroku's officially suggested workaround](https://help.heroku.com/HC0F8CUS/redis-connection-issues).
 
 ## Special query strings
 
 If you include the query string `pp=help` at the end of your request you will see the various options available. You can use these options to extend or contract the amount of diagnostics rack-mini-profiler gathers.
 
+## Development
 
-## Rails 2.X support
+If you want to contribute to this project, that's great, thank you! You can run the following rake task:
 
-To get MiniProfiler working with Rails 2.3.X you need to do the initialization manually as well as monkey patch away an incompatibility between activesupport and json_pure.
+```
+$ BUNDLE_GEMFILE=website/Gemfile bundle install
+$ bundle exec rake client_dev
+```
 
-Add the following code to your environment.rb (or just in a specific environment such as development.rb) for initialization and configuration of MiniProfiler.
+This will start a local Sinatra server at `http://localhost:9292` where you'll be able to preview your changes. Refreshing the page should be enough to see any changes you make to files in the `lib/html` directory.
 
-```ruby
-# configure and initialize MiniProfiler
-require 'rack-mini-profiler'
-c = ::Rack::MiniProfiler.config
-c.pre_authorize_cb = lambda { |env|
-  Rails.env.development? || Rails.env.production?
-}
-tmp = Rails.root.to_s + "/tmp/miniprofiler"
-FileUtils.mkdir_p(tmp) unless File.exist?(tmp)
-c.storage_options = {:path => tmp}
-c.storage = ::Rack::MiniProfiler::FileStore
-config.middleware.use(::Rack::MiniProfiler)
-::Rack::MiniProfiler.profile_method(ActionController::Base, :process) {|action| "Executing action: #{action}"}
-::Rack::MiniProfiler.profile_method(ActionView::Template, :render) {|x,y| "Rendering: #{path_without_format_and_extension}"}
-
-# monkey patch away an activesupport and json_pure incompatability
-# http://pivotallabs.com/users/alex/blog/articles/1332-monkey-patch-of-the-day-activesupport-vs-json-pure-vs-ruby-1-8
-if JSON.const_defined?(:Pure)
-  class JSON::Pure::Generator::State
-    include ActiveSupport::CoreExtensions::Hash::Except
-  end
-end
-```
+Make sure to prepend `bundle exec` before any Rake tasks you run.
 
 ## Running the Specs
 
+You need Memcached and Redis services running for the specs.
+
 ```
-$ rake build
-$ rake spec
+$ bundle exec rake build
+$ bundle exec rake spec
 ```
 
-Additionally you can also run `autotest` if you like.
-
 ## Licence
 
 The MIT License (MIT)

data/lib/enable_rails_patches.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Rack
+  MINI_PROFILER_ENABLE_RAILS_PATCHES = true
+end

data/lib/generators/rack_mini_profiler/USAGE

@@ -0,0 +1,9 @@
+Description:
+    Generates an initializer for rack-mini-profiler. Use an initializer when manually
+    requiring rack-mini-profiler in your application (using require: false in your Gemfile).
+
+Example:
+    `bin/rails generate rack_mini_profiler:install`
+
+    This generates a an initializer that requires and initializes
+    rack-mini-profiler in development mode.

data/lib/generators/rack_mini_profiler/install_generator.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module RackMiniProfiler
+  module Generators
+    class InstallGenerator < ::Rails::Generators::Base
+      source_root File.expand_path("templates", __dir__)
+
+      def create_initializer_file
+        copy_file "rack_mini_profiler.rb", "config/initializers/rack_mini_profiler.rb"
+      end
+    end
+  end
+end

data/lib/generators/{rack_profiler/templates/rack_profiler.rb → rack_mini_profiler/templates/rack_mini_profiler.rb}

@@ -3,6 +3,6 @@
 if Rails.env.development?
   require "rack-mini-profiler"
 
-  # initialization is skipped so trigger it
+  # The initializer was required late, so initialize it manually.
   Rack::MiniProfilerRails.initialize!(Rails.application)
 end

data/lib/generators/rack_profiler/install_generator.rb

@@ -1,12 +1,15 @@
 # frozen_string_literal: true
 
+require "generators/rack_mini_profiler/install_generator"
+
 module RackProfiler
   module Generators
-    class InstallGenerator < ::Rails::Generators::Base
-      source_root File.expand_path("templates", __dir__)
+    class InstallGenerator < RackMiniProfiler::Generators::InstallGenerator
+      source_root File.expand_path("../rack_mini_profiler/templates", __dir__)
 
       def create_initializer_file
-        copy_file "rack_profiler.rb", "config/initializers/rack_profiler.rb"
+        warn("bin/rails generate rack_profiler:install is deprecated. Please use rack_mini_profiler:install instead.")
+        super
       end
     end
   end

data/lib/html/dot.1.1.2.min.js

@@ -0,0 +1,2 @@
+/* Laura Doktorova https://github.com/olado/doT */
+!function(){"use strict";function e(n,t,r){return("string"==typeof t?t:t.toString()).replace(n.define||a,function(e,t,o,a){return 0===t.indexOf("def.")&&(t=t.substring(4)),t in r||(":"===o?(n.defineParams&&a.replace(n.defineParams,function(e,n,o){r[t]={arg:n,text:o}}),t in r||(r[t]=a)):new Function("def","def['"+t+"']="+a)(r)),""}).replace(n.use||a,function(t,o){n.useParams&&(o=o.replace(n.useParams,function(e,n,t,o){if(r[t]&&r[t].arg&&o){var a=(t+":"+o).replace(/'|\\/g,"_");return r.__exp=r.__exp||{},r.__exp[a]=r[t].text.replace(new RegExp("(^|[^\\w$])"+r[t].arg+"([^\\w$])","g"),"$1"+o+"$2"),n+"def.__exp['"+a+"']"}}));var a=new Function("def","return "+o)(r);return a?e(n,a,r):a})}function n(e){return e.replace(/\\('|\\)/g,"$1").replace(/[\r\t\n]/g," ")}var t,r={engine:"doT",version:"1.1.1",templateSettings:{evaluate:/\{\{([\s\S]+?(\}?)+)\}\}/g,interpolate:/\{\{=([\s\S]+?)\}\}/g,encode:/\{\{!([\s\S]+?)\}\}/g,use:/\{\{#([\s\S]+?)\}\}/g,useParams:/(^|[^\w$])def(?:\.|\[[\'\"])([\w$\.]+)(?:[\'\"]\])?\s*\:\s*([\w$\.]+|\"[^\"]+\"|\'[^\']+\'|\{[^\}]+\})/g,define:/\{\{##\s*([\w\.$]+)\s*(\:|=)([\s\S]+?)#\}\}/g,defineParams:/^\s*([\w$]+):([\s\S]+)/,conditional:/\{\{\?(\?)?\s*([\s\S]*?)\s*\}\}/g,iterate:/\{\{~\s*(?:\}\}|([\s\S]+?)\s*\:\s*([\w$]+)\s*(?:\:\s*([\w$]+))?\s*\}\})/g,varname:"it",strip:!0,append:!0,selfcontained:!1,doNotSkipEncoded:!1},template:void 0,compile:void 0,log:!0};r.encodeHTMLSource=function(e){var n={"&":"&#38;","<":"&#60;",">":"&#62;",'"':"&#34;","'":"&#39;","/":"&#47;"},t=e?/[&<>"'\/]/g:/&(?!#?\w+;)|<|>|"|'|\//g;return function(e){return e?e.toString().replace(t,function(e){return n[e]||e}):""}},t=function(){return this||(0,eval)("this")}(),"undefined"!=typeof module&&module.exports?module.exports=r:"function"==typeof define&&define.amd?define(function(){return r}):t.doT=r;var o={append:{start:"'+(",end:")+'",startencode:"'+encodeHTML("},split:{start:"';out+=(",end:");out+='",startencode:"';out+=encodeHTML("}},a=/$^/;r.template=function(c,i,u){i=i||r.templateSettings;var d,s,p=i.append?o.append:o.split,l=0,f=i.use||i.define?e(i,c,u||{}):c;f=("var out='"+(i.strip?f.replace(/(^|\r|\n)\t* +| +\t*(\r|\n|$)/g," ").replace(/\r|\n|\t|\/\*[\s\S]*?\*\//g,""):f).replace(/'|\\/g,"\\$&").replace(i.interpolate||a,function(e,t){return p.start+n(t)+p.end}).replace(i.encode||a,function(e,t){return d=!0,p.startencode+n(t)+p.end}).replace(i.conditional||a,function(e,t,r){return t?r?"';}else if("+n(r)+"){out+='":"';}else{out+='":r?"';if("+n(r)+"){out+='":"';}out+='"}).replace(i.iterate||a,function(e,t,r,o){return t?(l+=1,s=o||"i"+l,t=n(t),"';var arr"+l+"="+t+";if(arr"+l+"){var "+r+","+s+"=-1,l"+l+"=arr"+l+".length-1;while("+s+"<l"+l+"){"+r+"=arr"+l+"["+s+"+=1];out+='"):"';} } out+='"}).replace(i.evaluate||a,function(e,t){return"';"+n(t)+"out+='"})+"';return out;").replace(/\n/g,"\\n").replace(/\t/g,"\\t").replace(/\r/g,"\\r").replace(/(\s|;|\}|^|\{)out\+='';/g,"$1").replace(/\+''/g,""),d&&(i.selfcontained||!t||t._encodeHTML||(t._encodeHTML=r.encodeHTMLSource(i.doNotSkipEncoded)),f="var encodeHTML = typeof _encodeHTML !== 'undefined' ? _encodeHTML : ("+r.encodeHTMLSource.toString()+"("+(i.doNotSkipEncoded||"")+"));"+f);try{return new Function(i.varname,f)}catch(e){throw"undefined"!=typeof console&&console.log("Could not create a template function: "+f),e}},r.compile=function(e,n){return r.template(e,null,n)}}();