rack-mini-profiler 1.0.2 → 3.1.1

data/lib/{mini_profiler/profiler.rb → mini_profiler.rb}

@@ -1,10 +1,28 @@
 # frozen_string_literal: true
 
+require 'cgi'
+require 'json'
+require 'erb'
+
+require 'mini_profiler/timer_struct'
+require 'mini_profiler/storage'
+require 'mini_profiler/config'
+require 'mini_profiler/profiling_methods'
+require 'mini_profiler/context'
+require 'mini_profiler/client_settings'
+require 'mini_profiler/gc_profiler'
+require 'mini_profiler/snapshots_transporter'
+
 module Rack
   class MiniProfiler
     class << self
 
       include Rack::MiniProfiler::ProfilingMethods
+      attr_accessor :subscribe_sql_active_record
+
+      def patch_rails?
+        !!defined?(Rack::MINI_PROFILER_ENABLE_RAILS_PATCHES)
+      end
 
       def generate_id
         rand(36**20).to_s(36)
@@ -20,11 +38,11 @@ module Rack
       end
 
       def resources_root
-        @resources_root ||= ::File.expand_path("../../html", __FILE__)
+        @resources_root ||= ::File.expand_path("../html", __FILE__)
       end
 
       def share_template
-        @share_template ||= ERB.new(::File.read(::File.expand_path("../html/share.html", ::File.dirname(__FILE__))))
+        @share_template ||= ERB.new(::File.read(::File.expand_path("html/share.html", ::File.dirname(__FILE__))))
       end
 
       def current
@@ -33,9 +51,21 @@ module Rack
 
       def current=(c)
         # we use TLS cause we need access to this from sql blocks and code blocks that have no access to env
+        Thread.current[:mini_profiler_snapshot_custom_fields] = nil
+        Thread.current[:mp_ongoing_snapshot] = nil
         Thread.current[:mini_profiler_private] = c
       end
 
+      def add_snapshot_custom_field(key, value)
+        thread_var_key = :mini_profiler_snapshot_custom_fields
+        Thread.current[thread_var_key] ||= {}
+        Thread.current[thread_var_key][key] = value
+      end
+
+      def get_snapshot_custom_fields
+        Thread.current[:mini_profiler_snapshot_custom_fields]
+      end
+
       # discard existing results, don't track this request
       def discard_results
         self.current.discard = true if current
@@ -62,6 +92,32 @@ module Rack
         Thread.current[:mp_authorized]
       end
 
+      def advanced_tools_message
+        <<~TEXT
+          This feature is disabled by default, to enable set the enable_advanced_debugging_tools option to true in Mini Profiler config.
+        TEXT
+      end
+
+      def binds_to_params(binds)
+        return if binds.nil? || config.max_sql_param_length == 0
+        # map ActiveRecord::Relation::QueryAttribute to [name, value]
+        params = binds.map { |c| c.kind_of?(Array) ? [c.first, c.last] : [c.name, c.value] }
+        if (skip = config.skip_sql_param_names)
+          params.map { |(n, v)| n =~ skip ? [n, nil] : [n, v] }
+        else
+          params
+        end
+      end
+
+      def snapshots_transporter?
+        !!config.snapshots_transport_destination_url &&
+        !!config.snapshots_transport_auth_key
+      end
+
+      def redact_sql_queries?
+        Thread.current[:mp_ongoing_snapshot] == true &&
+        Rack::MiniProfiler.config.snapshots_redact_sql_queries
+      end
     end
 
     #
@@ -71,7 +127,7 @@ module Rack
       MiniProfiler.config.merge!(config)
       @config = MiniProfiler.config
       @app    = app
-      @config.base_url_path << "/" unless @config.base_url_path.end_with? "/"
+      @config.base_url_path += "/" unless @config.base_url_path.end_with? "/"
       unless @config.storage_instance
         @config.storage_instance = @config.storage.new(@config.storage_options)
       end
@@ -84,15 +140,24 @@ module Rack
 
     def serve_results(env)
       request     = Rack::Request.new(env)
-      id          = request[:id]
-      page_struct = @storage.load(id)
-      unless page_struct
+      id          = request.params['id']
+      group_name  = request.params['group']
+      is_snapshot = group_name && group_name.size > 0
+      if is_snapshot
+        page_struct = @storage.load_snapshot(id, group_name)
+      else
+        page_struct = @storage.load(id)
+      end
+      if !page_struct && is_snapshot
+        id = ERB::Util.html_escape(id)
+        return [404, {}, ["Snapshot with id '#{id}' not found"]]
+      elsif !page_struct
         @storage.set_viewed(user(env), id)
-        id        = ERB::Util.html_escape(request['id'])
+        id        = ERB::Util.html_escape(id)
         user_info = ERB::Util.html_escape(user(env))
         return [404, {}, ["Request not found: #{id} - user #{user_info}"]]
       end
-      unless page_struct[:has_user_viewed]
+      if !page_struct[:has_user_viewed] && !is_snapshot
         page_struct[:client_timings]  = TimerStruct::Client.init_from_form_data(env, page_struct)
         page_struct[:has_user_viewed] = true
         @storage.save(page_struct)
@@ -127,11 +192,13 @@ module Rack
       file_name = path.sub(@config.base_url_path, '')
 
       return serve_results(env) if file_name.eql?('results')
+      return handle_snapshots_request(env) if file_name.eql?('snapshots')
+      return serve_flamegraph(env) if file_name.eql?('flamegraph')
 
       resources_env = env.dup
       resources_env['PATH_INFO'] = file_name
 
-      rack_file = Rack::File.new(MiniProfiler.resources_root, 'Cache-Control' => 'max-age:86400')
+      rack_file = Rack::File.new(MiniProfiler.resources_root, 'Cache-Control' => "max-age=#{cache_control_value}")
       rack_file.call(resources_env)
     end
 
@@ -147,11 +214,18 @@ module Rack
       @config
     end
 
-    def call(env)
+    def advanced_debugging_enabled?
+      config.enable_advanced_debugging_tools
+    end
+
+    def tool_disabled_message(client_settings)
+      client_settings.handle_cookie(text_result(Rack::MiniProfiler.advanced_tools_message))
+    end
 
+    def call(env)
       start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
       client_settings = ClientSettings.new(env, @storage, start)
-      MiniProfiler.deauthorize_request if @config.authorization_mode == :whitelist
+      MiniProfiler.deauthorize_request if @config.authorization_mode == :allow_authorized
 
       status = headers = body = nil
       query_string = env['QUERY_STRING']
@@ -160,15 +234,31 @@ module Rack
       # Someone (e.g. Rails engine) could change the SCRIPT_NAME so we save it
       env['RACK_MINI_PROFILER_ORIGINAL_SCRIPT_NAME'] = ENV['PASSENGER_BASE_URI'] || env['SCRIPT_NAME']
 
-      skip_it = (@config.pre_authorize_cb && !@config.pre_authorize_cb.call(env)) ||
-                (@config.skip_paths && @config.skip_paths.any? { |p| path.start_with?(p) }) ||
-                query_string =~ /pp=skip/
+      skip_it = /#{@config.profile_parameter}=skip/.match?(query_string) || (
+        @config.skip_paths &&
+        @config.skip_paths.any? do |p|
+          if p.instance_of?(String)
+            path.start_with?(p)
+          elsif p.instance_of?(Regexp)
+            p.match?(path)
+          end
+        end
+      )
+      if skip_it
+        return client_settings.handle_cookie(@app.call(env))
+      end
+
+      skip_it = (@config.pre_authorize_cb && !@config.pre_authorize_cb.call(env))
 
       if skip_it || (
-        @config.authorization_mode == :whitelist &&
+        @config.authorization_mode == :allow_authorized &&
         !client_settings.has_valid_cookie?
       )
-        return client_settings.handle_cookie(@app.call(env))
+        if take_snapshot?(path)
+          return client_settings.handle_cookie(take_snapshot(env, start))
+        else
+          return client_settings.handle_cookie(@app.call(env))
+        end
       end
 
       # handle all /mini-profiler requests here
@@ -176,11 +266,11 @@ module Rack
 
       has_disable_cookie = client_settings.disable_profiling?
       # manual session disable / enable
-      if query_string =~ /pp=disable/ || has_disable_cookie
+      if query_string =~ /#{@config.profile_parameter}=disable/ || has_disable_cookie
         skip_it = true
       end
 
-      if query_string =~ /pp=enable/
+      if query_string =~ /#{@config.profile_parameter}=enable/
         skip_it = false
         config.enabled = true
       end
@@ -194,13 +284,26 @@ module Rack
       end
 
       # profile gc
-      if query_string =~ /pp=profile-gc/
+      if query_string =~ /#{@config.profile_parameter}=profile-gc/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
         current.measure = false if current
         return client_settings.handle_cookie(Rack::MiniProfiler::GCProfiler.new.profile_gc(@app, env))
       end
 
       # profile memory
-      if query_string =~ /pp=profile-memory/
+      if query_string =~ /#{@config.profile_parameter}=profile-memory/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
+
+        unless defined?(MemoryProfiler) && MemoryProfiler.respond_to?(:report)
+          message = "Please install the memory_profiler gem and require it: add gem 'memory_profiler' to your Gemfile"
+          status, headers, body = @app.call(env)
+          body.close if body.respond_to? :close
+
+          return client_settings.handle_cookie(
+            text_result(message, status: 500, headers: headers)
+          )
+        end
+
         query_params = Rack::Utils.parse_nested_query(query_string)
         options = {
           ignore_files: query_params['memory_profiler_ignore_files'],
@@ -218,12 +321,12 @@ module Rack
 
       MiniProfiler.create_current(env, @config)
 
-      if query_string =~ /pp=normal-backtrace/
+      if query_string =~ /#{@config.profile_parameter}=normal-backtrace/
         client_settings.backtrace_level = ClientSettings::BACKTRACE_DEFAULT
-      elsif query_string =~ /pp=no-backtrace/
+      elsif query_string =~ /#{@config.profile_parameter}=no-backtrace/
         current.skip_backtrace = true
         client_settings.backtrace_level = ClientSettings::BACKTRACE_NONE
-      elsif query_string =~ /pp=full-backtrace/ || client_settings.backtrace_full?
+      elsif query_string =~ /#{@config.profile_parameter}=full-backtrace/ || client_settings.backtrace_full?
         current.full_backtrace = true
         client_settings.backtrace_level = ClientSettings::BACKTRACE_FULL
       elsif client_settings.backtrace_none?
@@ -232,7 +335,7 @@ module Rack
 
       flamegraph = nil
 
-      trace_exceptions = query_string =~ /pp=trace-exceptions/ && defined? TracePoint
+      trace_exceptions = query_string =~ /#{@config.profile_parameter}=trace-exceptions/ && defined? TracePoint
       status, headers, body, exceptions, trace = nil
 
       if trace_exceptions
@@ -256,27 +359,56 @@ module Rack
         # Prevent response body from being compressed
         env['HTTP_ACCEPT_ENCODING'] = 'identity' if config.suppress_encoding
 
-        if query_string =~ /pp=flamegraph/
-          unless defined?(Flamegraph) && Flamegraph.respond_to?(:generate)
-
-            flamegraph = "Please install the flamegraph gem and require it: add gem 'flamegraph' to your Gemfile"
-            status, headers, body = @app.call(env)
-          else
+        if query_string =~ /pp=(async-)?flamegraph/ || env['HTTP_REFERER'] =~ /pp=async-flamegraph/
+          if defined?(StackProf) && StackProf.respond_to?(:run)
             # do not sully our profile with mini profiler timings
             current.measure = false
             match_data      = query_string.match(/flamegraph_sample_rate=([\d\.]+)/)
 
-            mode = query_string =~ /mode=c/ ? :c : :ruby
-
             if match_data && !match_data[1].to_f.zero?
               sample_rate = match_data[1].to_f
             else
               sample_rate = config.flamegraph_sample_rate
             end
-            flamegraph = Flamegraph.generate(nil, fidelity: sample_rate, embed_resources: query_string =~ /embed/, mode: mode) do
+
+            mode_match_data = query_string.match(/flamegraph_mode=([a-zA-Z]+)/)
+
+            if mode_match_data && [:cpu, :wall, :object, :custom].include?(mode_match_data[1].to_sym)
+              mode = mode_match_data[1].to_sym
+            else
+              mode = config.flamegraph_mode
+            end
+
+            flamegraph = StackProf.run(
+              mode: mode,
+              raw: true,
+              aggregate: false,
+              interval: (sample_rate * 1000).to_i
+            ) do
               status, headers, body = @app.call(env)
             end
+          else
+            message = "Please install the stackprof gem and require it: add gem 'stackprof' to your Gemfile"
+            status, headers, body = @app.call(env)
+            body.close if body.respond_to? :close
+
+            return client_settings.handle_cookie(
+              text_result(message, status: status, headers: headers)
+            )
           end
+        elsif path == '/rack-mini-profiler/requests'
+          blank_page_html = <<~HTML
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <title>Rack::MiniProfiler Requests</title>
+              </head>
+              <body>
+              </body>
+            </html>
+          HTML
+
+          status, headers, body = [200, { 'Content-Type' => 'text/html' }, [blank_page_html.dup]]
         else
           status, headers, body = @app.call(env)
         end
@@ -287,7 +419,7 @@ module Rack
 
       skip_it = current.discard
 
-      if (config.authorization_mode == :whitelist && !MiniProfiler.request_authorized?)
+      if (config.authorization_mode == :allow_authorized && !MiniProfiler.request_authorized?)
         skip_it = true
       end
 
@@ -307,17 +439,19 @@ module Rack
         return client_settings.handle_cookie(dump_exceptions exceptions)
       end
 
-      if query_string =~ /pp=env/ && !config.disable_env_dump
+      if query_string =~ /#{@config.profile_parameter}=env/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
         body.close if body.respond_to? :close
         return client_settings.handle_cookie(dump_env env)
       end
 
-      if query_string =~ /pp=analyze-memory/
+      if query_string =~ /#{@config.profile_parameter}=analyze-memory/
+        return tool_disabled_message(client_settings) if !advanced_debugging_enabled?
         body.close if body.respond_to? :close
         return client_settings.handle_cookie(analyze_memory)
       end
 
-      if query_string =~ /pp=help/
+      if query_string =~ /#{@config.profile_parameter}=help/
         body.close if body.respond_to? :close
         return client_settings.handle_cookie(help(client_settings, env))
       end
@@ -326,9 +460,12 @@ module Rack
       page_struct[:user] = user(env)
       page_struct[:root].record_time((Process.clock_gettime(Process::CLOCK_MONOTONIC) - start) * 1000)
 
-      if flamegraph
+      if flamegraph && query_string =~ /#{@config.profile_parameter}=flamegraph/
         body.close if body.respond_to? :close
-        return client_settings.handle_cookie(self.flamegraph(flamegraph))
+        return client_settings.handle_cookie(self.flamegraph(flamegraph, path, env))
+      elsif flamegraph # async-flamegraph
+        page_struct[:has_flamegraph] = true
+        page_struct[:flamegraph] = flamegraph
       end
 
       begin
@@ -369,7 +506,7 @@ module Rack
 
       # inject header
       if headers.is_a? Hash
-        headers['X-MiniProfiler-Ids'] = ids_json(env)
+        headers['X-MiniProfiler-Ids'] = ids_comma_separated(env)
       end
 
       if current.inject_js && content_type =~ /text\/html/
@@ -421,7 +558,7 @@ module Rack
 
         body << "\nBacktraces\n"
         exceptions.each_with_index do |e, i|
-          body << "##{i + 1}: #{e.class} - \"#{e.message}\"\n  #{e.backtrace.join("\n  ")}\n\n"
+          body << "##{i + 1}: #{e.class} - \"#{e.message.lines.first.chomp}\"\n  #{e.backtrace.join("\n  ")}\n\n"
         end
       end
       text_result(body)
@@ -521,48 +658,82 @@ module Rack
       text_result(body)
     end
 
-    def text_result(body)
-      headers = { 'Content-Type' => 'text/plain' }
-      [200, headers, [body]]
+    def text_result(body, status: 200, headers: nil)
+      headers = (headers || {}).merge('Content-Type' => 'text/plain; charset=utf-8')
+      [status, headers, [body]]
     end
 
     def make_link(postfix, env)
-      link = env["PATH_INFO"] + "?" + env["QUERY_STRING"].sub("pp=help", "pp=#{postfix}")
-      "pp=<a href='#{link}'>#{postfix}</a>"
+      link = env["PATH_INFO"] + "?" + env["QUERY_STRING"].sub("#{@config.profile_parameter}=help", "#{@config.profile_parameter}=#{postfix}")
+      "#{@config.profile_parameter}=<a href='#{ERB::Util.html_escape(link)}'>#{postfix}</a>"
     end
 
     def help(client_settings, env)
       headers = { 'Content-Type' => 'text/html' }
-      body = "<html><body>
-<pre style='line-height: 30px; font-size: 16px;'>
-Append the following to your query string:
-
-  #{make_link "help", env} : display this screen
-  #{make_link "env", env} : display the rack environment
-  #{make_link "skip", env} : skip mini profiler for this request
-  #{make_link "no-backtrace", env} #{"(*) " if client_settings.backtrace_none?}: don't collect stack traces from all the SQL executed (sticky, use pp=normal-backtrace to enable)
-  #{make_link "normal-backtrace", env} #{"(*) " if client_settings.backtrace_default?}: collect stack traces from all the SQL executed and filter normally
-  #{make_link "full-backtrace", env} #{"(*) " if client_settings.backtrace_full?}: enable full backtraces for SQL executed (use pp=normal-backtrace to disable)
-  #{make_link "disable", env} : disable profiling for this session
-  #{make_link "enable", env} : enable profiling for this session (if previously disabled)
-  #{make_link "profile-gc", env} : perform gc profiling on this request, analyzes ObjectSpace generated by request (ruby 1.9.3 only)
-  #{make_link "profile-memory", env} : requires the memory_profiler gem, new location based report
-  #{make_link "flamegraph", env} : works best on Ruby 2.0, a graph representing sampled activity (requires the flamegraph gem).
-  #{make_link "flamegraph&flamegraph_sample_rate=1", env}: creates a flamegraph with the specified sample rate (in ms). Overrides value set in config
-  #{make_link "flamegraph_embed", env} : works best on Ruby 2.0, a graph representing sampled activity (requires the flamegraph gem), embedded resources for use on an intranet.
-  #{make_link "trace-exceptions", env} : requires Ruby 2.0, will return all the spots where your application raises exceptions
-  #{make_link "analyze-memory", env} : requires Ruby 2.0, will perform basic memory analysis of heap
-</pre>
-</body>
-</html>
-"
-
-      [200, headers, [body]]
-    end
-
-    def flamegraph(graph)
+      html = <<~HTML
+        <!DOCTYPE html>
+        <html>
+          <head>
+            <title>Rack::MiniProfiler Help</title>
+          </head>
+          <body>
+            <pre style='line-height: 30px; font-size: 16px'>
+              This is the help menu of the <a href='#{Rack::MiniProfiler::SOURCE_CODE_URI}'>rack-mini-profiler</a> gem, append the following to your query string for more options:
+
+              #{make_link "help", env} : display this screen
+              #{make_link "env", env} : display the rack environment
+              #{make_link "skip", env} : skip mini profiler for this request
+              #{make_link "no-backtrace", env} #{"(*) " if client_settings.backtrace_none?}: don't collect stack traces from all the SQL executed (sticky, use #{@config.profile_parameter}=normal-backtrace to enable)
+              #{make_link "normal-backtrace", env} #{"(*) " if client_settings.backtrace_default?}: collect stack traces from all the SQL executed and filter normally
+              #{make_link "full-backtrace", env} #{"(*) " if client_settings.backtrace_full?}: enable full backtraces for SQL executed (use #{@config.profile_parameter}=normal-backtrace to disable)
+              #{make_link "disable", env} : disable profiling for this session
+              #{make_link "enable", env} : enable profiling for this session (if previously disabled)
+              #{make_link "profile-gc", env} : perform gc profiling on this request, analyzes ObjectSpace generated by request
+              #{make_link "profile-memory", env} : requires the memory_profiler gem, new location based report
+              #{make_link "flamegraph", env} : a graph representing sampled activity (requires the stackprof gem).
+              #{make_link "async-flamegraph", env} : store flamegraph data for this page and all its AJAX requests. Flamegraph links will be available in the mini-profiler UI (requires the stackprof gem).
+              #{make_link "flamegraph&flamegraph_sample_rate=1", env}: creates a flamegraph with the specified sample rate (in ms). Overrides value set in config
+              #{make_link "flamegraph&flamegraph_mode=cpu", env}: creates a flamegraph with the specified mode (one of cpu, wall, object, or custom). Overrides value set in config
+              #{make_link "flamegraph_embed", env} : a graph representing sampled activity (requires the stackprof gem), embedded resources for use on an intranet.
+              #{make_link "trace-exceptions", env} : will return all the spots where your application raises exceptions
+              #{make_link "analyze-memory", env} : will perform basic memory analysis of heap
+            </pre>
+          </body>
+        </html>
+      HTML
+
+      [200, headers, [html]]
+    end
+
+    def flamegraph(graph, path, env)
       headers = { 'Content-Type' => 'text/html' }
-      [200, headers, [graph]]
+      iframe_src = "#{public_base_path(env)}speedscope/index.html"
+      html = <<~HTML
+        <!DOCTYPE html>
+        <html>
+          <head>
+            <title>Rack::MiniProfiler Flamegraph</title>
+            <style>
+              body { margin: 0; height: 100vh; }
+              #speedscope-iframe { width: 100%; height: 100%; border: none; }
+            </style>
+          </head>
+          <body>
+            <script type="text/javascript">
+              var graph = #{JSON.generate(graph)};
+              var json = JSON.stringify(graph);
+              var blob = new Blob([json], { type: 'text/plain' });
+              var objUrl = encodeURIComponent(URL.createObjectURL(blob));
+              var iframe = document.createElement('IFRAME');
+              iframe.setAttribute('id', 'speedscope-iframe');
+              document.body.appendChild(iframe);
+              var iframeUrl = '#{iframe_src}#profileURL=' + objUrl + '&title=' + 'Flamegraph for #{CGI.escape(path)}';
+              iframe.setAttribute('src', iframeUrl);
+            </script>
+          </body>
+        </html>
+      HTML
+      [200, headers, [html]]
     end
 
     def ids(env)
@@ -574,10 +745,6 @@ Append the following to your query string:
       all
     end
 
-    def ids_json(env)
-      ::JSON.generate(ids(env))
-    end
-
     def ids_comma_separated(env)
       ids(env).join(",")
     end
@@ -589,11 +756,25 @@ Append the following to your query string:
     # * you have disabled auto append behaviour throught :auto_inject => false flag
     # * you do not want script to be automatically appended for the current page. You can also call cancel_auto_inject
     def get_profile_script(env)
-      path = "#{env['RACK_MINI_PROFILER_ORIGINAL_SCRIPT_NAME']}#{@config.base_url_path}"
+      path = public_base_path(env)
+      version = MiniProfiler::ASSET_VERSION
+      if @config.assets_url
+        url = @config.assets_url.call('rack-mini-profiler.js', version, env)
+        css_url = @config.assets_url.call('rack-mini-profiler.css', version, env)
+      end
+
+      url = "#{path}includes.js?v=#{version}" if !url
+      css_url = "#{path}includes.css?v=#{version}" if !css_url
+
+      content_security_policy_nonce = @config.content_security_policy_nonce ||
+                                      env["action_dispatch.content_security_policy_nonce"] ||
+                                      env["secure_headers_content_security_policy_nonce"]
 
       settings = {
        path: path,
-       version: MiniProfiler::ASSET_VERSION,
+       url: url,
+       cssUrl: css_url,
+       version: version,
        verticalPosition: @config.vertical_position,
        horizontalPosition: @config.horizontal_position,
        showTrivial: @config.show_trivial,
@@ -605,7 +786,10 @@ Append the following to your query string:
        toggleShortcut: @config.toggle_shortcut,
        startHidden: @config.start_hidden,
        collapseResults: @config.collapse_results,
-       htmlContainer: @config.html_container
+       htmlContainer: @config.html_container,
+       hiddenCustomFields: @config.snapshot_hidden_custom_fields.join(','),
+       cspNonce: content_security_policy_nonce,
+       hotwireTurboDriveSupport: @config.enable_hotwire_turbo_drive_support,
       }
 
       if current && current.page_struct
@@ -617,7 +801,7 @@ Append the following to your query string:
       end
 
       # TODO : cache this snippet
-      script = IO.read(::File.expand_path('../html/profile_handler.js', ::File.dirname(__FILE__)))
+      script = ::File.read(::File.expand_path('html/profile_handler.js', ::File.dirname(__FILE__)))
       # replace the variables
       settings.each do |k, v|
         regex = Regexp.new("\\{#{k.to_s}\\}")
@@ -633,5 +817,138 @@ Append the following to your query string:
       current.inject_js = false
     end
 
+    def cache_control_value
+      86400
+    end
+
+    private
+
+    def handle_snapshots_request(env)
+      self.current = nil
+      MiniProfiler.authorize_request
+      status = 200
+      headers = { 'Content-Type' => 'text/html' }
+      qp = Rack::Utils.parse_nested_query(env['QUERY_STRING'])
+      if group_name = qp["group_name"]
+        list = @storage.snapshots_group(group_name)
+        list.each do |snapshot|
+          snapshot[:url] = url_for_snapshot(snapshot[:id], group_name)
+        end
+        data = {
+          group_name: group_name,
+          list: list
+        }
+      else
+        list = @storage.snapshots_overview
+        list.each do |group|
+          group[:url] = url_for_snapshots_group(group[:name])
+        end
+        data = {
+          page: "overview",
+          list: list
+        }
+      end
+      data_html = <<~HTML
+        <div style="display: none;" id="snapshots-data">
+        #{data.to_json}
+        </div>
+      HTML
+      response = Rack::Response.new([], status, headers)
+
+      response.write <<~HTML
+        <!DOCTYPE html>
+        <html>
+          <head>
+            <title>Rack::MiniProfiler Snapshots</title>
+          </head>
+          <body class="mp-snapshots">
+      HTML
+      response.write(data_html)
+      script = self.get_profile_script(env)
+      response.write(script)
+      response.write <<~HTML
+          </body>
+        </html>
+      HTML
+      response.finish
+    end
+
+    def serve_flamegraph(env)
+      request     = Rack::Request.new(env)
+      id          = request.params['id']
+      page_struct = @storage.load(id)
+
+      if !page_struct
+        id        = ERB::Util.html_escape(id)
+        user_info = ERB::Util.html_escape(user(env))
+        return [404, {}, ["Request not found: #{id} - user #{user_info}"]]
+      end
+
+      if !page_struct[:flamegraph]
+        return [404, {}, ["No flamegraph available for #{ERB::Util.html_escape(id)}"]]
+      end
+
+      self.flamegraph(page_struct[:flamegraph], page_struct[:request_path], env)
+    end
+
+    def rails_route_from_path(path, method)
+      if defined?(Rails) && defined?(ActionController::RoutingError)
+        hash = Rails.application.routes.recognize_path(path, method: method)
+        if hash && hash[:controller] && hash[:action]
+          "#{hash[:controller]}##{hash[:action]}"
+        end
+      end
+    rescue ActionController::RoutingError
+      nil
+    end
+
+    def url_for_snapshots_group(group_name)
+      qs = Rack::Utils.build_query({ group_name: group_name })
+      "/#{@config.base_url_path.gsub('/', '')}/snapshots?#{qs}"
+    end
+
+    def url_for_snapshot(id, group_name)
+      qs = Rack::Utils.build_query({ id: id, group: group_name })
+      "/#{@config.base_url_path.gsub('/', '')}/results?#{qs}"
+    end
+
+    def take_snapshot?(path)
+      @config.snapshot_every_n_requests > 0 &&
+      !path.start_with?(@config.base_url_path) &&
+      @storage.should_take_snapshot?(@config.snapshot_every_n_requests)
+    end
+
+    def take_snapshot(env, start)
+      MiniProfiler.create_current(env, @config)
+      Thread.current[:mp_ongoing_snapshot] = true
+      results = @app.call(env)
+      status = results[0].to_i
+      if status >= 200 && status < 300
+        page_struct = current.page_struct
+        page_struct[:root].record_time(
+          (Process.clock_gettime(Process::CLOCK_MONOTONIC) - start) * 1000
+        )
+        custom_fields = MiniProfiler.get_snapshot_custom_fields
+        page_struct[:custom_fields] = custom_fields if custom_fields
+        if Rack::MiniProfiler.snapshots_transporter?
+          Rack::MiniProfiler::SnapshotsTransporter.transport(page_struct)
+        else
+          group_name = rails_route_from_path(page_struct[:request_path], page_struct[:request_method])
+          group_name ||= page_struct[:request_path]
+          group_name = "#{page_struct[:request_method]} #{group_name}"
+          @storage.push_snapshot(
+            page_struct,
+            group_name,
+            @config
+          )
+        end
+      end
+      self.current = nil
+      results
+    end
+
+    def public_base_path(env)
+      "#{env['RACK_MINI_PROFILER_ORIGINAL_SCRIPT_NAME']}#{@config.base_url_path}"
+    end
   end
 end