railties 3.1.12 → 3.2.0.rc1

data/guides/source/performance_testing.textile

@@ -207,7 +207,7 @@ GC Time measures the amount of time spent in GC for the performance test case.
 
 h5. Metric Availability
 
-h6. Benchmarking
+h6(#benchmarking_1). Benchmarking
 
 |_.Interpreter|_.Wall Time|_.Process Time|_.CPU Time|_.User Time|_.Memory|_.Objects|_.GC Runs|_.GC Time|
 |_.MRI        | yes       | yes          | yes      | no        | yes    | yes     | yes     | yes     |
@@ -215,7 +215,7 @@ h6. Benchmarking
 |_.Rubinius   | yes       | no           | no       | no        | yes    | yes     | yes     | yes     |
 |_.JRuby      | yes       | no           | no       | yes       | yes    | yes     | yes     | yes     |
 
-h6. Profiling
+h6(#profiling_1). Profiling
 
 |_.Interpreter|_.Wall Time|_.Process Time|_.CPU Time|_.User Time|_.Memory|_.Objects|_.GC Runs|_.GC Time|
 |_.MRI        | yes       | yes          | no       | no        | yes    | yes     | yes     | yes     |
@@ -438,9 +438,9 @@ alias gcrails='~/rubygc/bin/rails'
 
 Don't forget to use your aliases from now on.
 
-h6. Install Rubygems (1.8 only!)
+h6. Install RubyGems (1.8 only!)
 
-Download "Rubygems":http://rubyforge.org/projects/rubygems and install it from source. Rubygem's README file should have necessary installation instructions. Please note that this step isn't necessary if you've installed Ruby 1.9 and above.
+Download "RubyGems":http://rubyforge.org/projects/rubygems and install it from source. Rubygem's README file should have necessary installation instructions. Please note that this step isn't necessary if you've installed Ruby 1.9 and above.
 
 h4. Using Ruby-Prof on MRI and REE
 
@@ -595,9 +595,3 @@ Rails has been lucky to have a few companies dedicated to Rails-specific perform
 
 * "New Relic":http://www.newrelic.com
 * "Scout":http://scoutapp.com
-
-h3. Changelog
-
-* March 30, 2011: Documented the recent improvements (multiple interpreters, options, etc) and necessary adjustments. Other minor improvements. "Gonçalo Silva":http://goncalossilva.com.
-* January 9, 2009: Complete rewrite by "Pratik":credits.html#lifo
-* September 6, 2008: Initial version by Matthew Bergman

data/guides/source/plugins.textile

@@ -290,7 +290,7 @@ You can then return to the root directory (+cd ../..+) of your plugin and rerun
 
 </shell>
 
-Getting closer...now we will implement the code of the acts_as_yaffle method to make the tests pass.
+Getting closer... Now we will implement the code of the acts_as_yaffle method to make the tests pass.
 
 <ruby>
 # yaffle/lib/yaffle/acts_as_yaffle.rb
@@ -322,7 +322,7 @@ When you run +rake+ you should see the tests all pass:
 
 h4. Add an Instance Method
 
-This plugin will add a method named 'squawk' to any Active Record objects that call 'acts_as_yaffle'. The 'squawk'
+This plugin will add a method named 'squawk' to any Active Record object that calls 'acts_as_yaffle'. The 'squawk'
 method will simply set the value of one of the fields in the database.
 
 To start out, write a failing test that shows the behavior you'd like:
@@ -347,7 +347,7 @@ class ActsAsYaffleTest < Test::Unit::TestCase
     assert_equal "squawk! Hello World", hickwall.last_squawk
   end
 
-  def test_wickwalls_squawk_should_populate_last_tweeted_at
+  def test_wickwalls_squawk_should_populate_last_tweet
     wickwall = Wickwall.new
     wickwall.squawk("Hello World")
     assert_equal "squawk! Hello World", wickwall.last_tweet
@@ -355,7 +355,7 @@ class ActsAsYaffleTest < Test::Unit::TestCase
 end
 </ruby>
 
-Run the test to make sure the last two tests fail the an error that contains "NoMethodError: undefined method `squawk'",
+Run the test to make sure the last two tests fail with an error that contains "NoMethodError: undefined method `squawk'",
 then update 'acts_as_yaffle.rb' to look like this:
 
 <ruby>
@@ -400,11 +400,11 @@ the creation of generators can be found in the "Generators Guide":generators.htm
 
 h3. Publishing your Gem
 
-Gem plugins in progress can be easily be shared from any Git repository. To share the Yaffle gem with others, simply
-commit the code to a Git repository (like Github) and add a line to the Gemfile of the any application:
+Gem plugins currently in development can easily be shared from any Git repository. To share the Yaffle gem with others, simply
+commit the code to a Git repository (like Github) and add a line to the Gemfile of the application in question:
 
 <ruby>
-gem 'yaffle', :git => 'git://github.com/yaffle_watcher/yaffle.git'	
+gem 'yaffle', :git => 'git://github.com/yaffle_watcher/yaffle.git'
 </ruby>
 
 After running +bundle install+, your gem functionality will be available to the application.
@@ -426,12 +426,12 @@ require 'yaffle'
 </ruby>
 
 You can test this by changing to the Rails application that you added the plugin to and starting a rails console. Once in the
-console we can check to see if the String has an instance method of to_squawk.
+console we can check to see if the String has an instance method to_squawk:
 
 <shell>
 $ cd my_app
 $ rails console
-$ String.instance_methods.sort
+$ "Rails plugins are easy!".to_squawk
 </shell>
 
 You can also remove the .gemspec, Gemfile and Gemfile.lock files as they will no longer be needed.
@@ -445,9 +445,9 @@ The first step is to update the README file with detailed information about how
 * Your name
 * How to install
 * How to add the functionality to the app (several examples of common use cases)
-* Warning, gotchas or tips that might help save users time
+* Warnings, gotchas or tips that might help users and save them time
 
-Once your README is solid, go through and add rdoc comments to all of the methods that developers will use. It's also customary to add '#:nodoc:' comments to those parts of the code that are not part of the public api.
+Once your README is solid, go through and add rdoc comments to all of the methods that developers will use. It's also customary to add '#:nodoc:' comments to those parts of the code that are not included in the public api.
 
 Once your comments are good to go, navigate to your plugin directory and run:
 
@@ -462,11 +462,3 @@ h4. References
 * "Gemspec Reference":http://docs.rubygems.org/read/chapter/20
 * "GemPlugins":http://www.mbleigh.com/2008/06/11/gemplugins-a-brief-introduction-to-the-future-of-rails-plugins
 * "Keeping init.rb thin":http://daddy.platte.name/2007/05/rails-plugins-keep-initrb-thin.html
-
-h3. Changelog
-
-* March 10, 2011: Minor formatting tweaks.
-* February 13, 2011: Get guide in synch with Rails 3.0.3. Remove information not compatible with Rails 3. Send reader elsewhere
-for information that is covered elsewhere.
-* April 4, 2010: Fixed document to validate XHTML 1.0 Strict. "Jaime Iniesta":http://jaimeiniesta.com
-* November 17, 2008: Major revision by Jeff Dean

data/guides/source/rails_application_templates.textile

@@ -60,6 +60,18 @@ Please note that this will NOT install the gems for you and you will have to run
 bundle install
 </ruby>
 
+h4. gem_group(*names, &block)
+
+Wraps gem entries inside a group.
+
+For example, if you want to load +rspec-rails+ only in +development+ and +test+ group:
+
+<ruby>
+gem_group :development, :test do
+  gem "rspec-rails"
+end
+</ruby>
+
 h4. add_source(source, options = {})
 
 Adds the given source to the generated application's +Gemfile+.
@@ -226,7 +238,3 @@ git :init
 git :add => "."
 git :commit => "-a -m 'Initial commit'"
 </ruby>
-
-h3. Changelog
-
-* April 29, 2009: Initial version by "Pratik":credits.html#lifo

data/guides/source/rails_on_rack.textile

@@ -89,23 +89,33 @@ $ rake middleware
 For a freshly generated Rails application, this might produce something like:
 
 <ruby>
+use ActionDispatch::Static
 use Rack::Lock
-use ActionController::Failsafe
-use ActionController::Session::CookieStore, , {:secret=>"<secret>", :session_key=>"_<app>_session"}
-use Rails::Rack::Metal
-use ActionDispatch::RewindableInput
-use ActionController::ParamsParser
-use Rack::MethodOverride
-use Rack::Head
+use ActiveSupport::Cache::Strategy::LocalCache
+use Rack::Runtime
+use Rails::Rack::Logger
+use ActionDispatch::ShowExceptions
+use ActionDispatch::DebugExceptions
+use ActionDispatch::RemoteIp
+use Rack::Sendfile
+use ActionDispatch::Callbacks
+use ActiveRecord::ConnectionAdapters::ConnectionManagement
 use ActiveRecord::QueryCache
-run ActionController::Dispatcher.new
+use ActionDispatch::Cookies
+use ActionDispatch::Session::CookieStore
+use ActionDispatch::Flash
+use ActionDispatch::ParamsParser
+use Rack::MethodOverride
+use ActionDispatch::Head
+use ActionDispatch::BestStandardsSupport
+run Blog::Application.routes
 </ruby>
 
 Purpose of each of this middlewares is explained in the "Internal Middlewares":#internal-middleware-stack section.
 
 h4. Configuring Middleware Stack
 
-Rails provides a simple configuration interface +config.middleware+ for adding, removing and modifying the middlewares in the middleware stack via +environment.rb+ or the environment specific configuration file <tt>environments/&lt;environment&gt;.rb</tt>.
+Rails provides a simple configuration interface +config.middleware+ for adding, removing and modifying the middlewares in the middleware stack via +application.rb+ or the environment specific configuration file <tt>environments/&lt;environment&gt;.rb</tt>.
 
 h5. Adding a Middleware
 
@@ -118,7 +128,7 @@ You can add a new middleware to the middleware stack using any of the following
 * <tt>config.middleware.insert_after(existing_middleware, new_middleware, args)</tt> - Adds the new middleware after the specified existing middleware in the middleware stack.
 
 <ruby>
-# config/environment.rb
+# config/application.rb
 
 # Push Rack::BounceFavicon at the bottom
 config.middleware.use Rack::BounceFavicon
@@ -133,7 +143,7 @@ h5. Swapping a Middleware
 You can swap an existing middleware in the middleware stack using +config.middleware.swap+.
 
 <ruby>
-# config/environment.rb
+# config/application.rb
 
 # Replace ActionController::Failsafe with Lifo::Failsafe
 config.middleware.swap ActionController::Failsafe, Lifo::Failsafe
@@ -157,8 +167,9 @@ Much of Action Controller's functionality is implemented as Middlewares. The fol
 |+Rack::Lock+|Sets <tt>env["rack.multithread"]</tt> flag to +true+ and wraps the application within a Mutex.|
 |+ActionController::Failsafe+|Returns HTTP Status +500+ to the client if an exception gets raised while dispatching.|
 |+ActiveRecord::QueryCache+|Enables the Active Record query cache.|
-|+ActionController::Session::CookieStore+|Uses the cookie based session store.|
-|+ActionController::Session::MemCacheStore+|Uses the memcached based session store.|
+|+ActionDispatch::Session::CookieStore+|Uses the cookie based session store.|
+|+ActionDispatch::Session::CacheStore+|Uses the Rails cache based session store.|
+|+ActionDispatch::Session::MemCacheStore+|Uses the memcached based session store.|
 |+ActiveRecord::SessionStore+|Uses the database based session store.|
 |+Rack::MethodOverride+|Sets HTTP method based on +_method+ parameter or <tt>env["HTTP_X_HTTP_METHOD_OVERRIDE"]</tt>.|
 |+Rack::Head+|Discards the response body if the client sends a +HEAD+ request.|
@@ -198,7 +209,7 @@ The following shows how to replace use +Rack::Builder+ instead of the Rails supp
 <strong>Clear the existing Rails middleware stack</strong>
 
 <ruby>
-# environment.rb
+# config/application.rb
 config.middleware.clear
 </ruby>
 
@@ -223,8 +234,3 @@ h4. Learning Rack
 h4. Understanding Middlewares
 
 * "Railscast on Rack Middlewares":http://railscasts.com/episodes/151-rack-middleware
-
-h3. Changelog
-
-* February 7, 2009: Second version by "Pratik":credits.html#lifo
-* January 11, 2009: First version by "Pratik":credits.html#lifo

data/guides/source/routing.textile

@@ -596,6 +596,8 @@ match "/stories/:name" => redirect {|params| "/posts/#{params[:name].pluralize}"
 match "/stories" => redirect {|p, req| "/posts/#{req.subdomain}" }
 </ruby>
 
+Please note that this redirection is a 301 "Moved Permanently" redirect. Keep in mind that some web browsers or proxy servers will cache this type of redirect, making the old page inaccessible.
+
 In all of these cases, if you don't provide the leading host (+http://www.example.com+), Rails will take those details from the current request.
 
 h4. Routing to Rack Applications
@@ -829,10 +831,10 @@ If you want a complete list of all of the available routes in your application,
 For example, here's a small section of the +rake routes+ output for a RESTful route:
 
 <pre>
-          users GET  /users          {:controller=>"users", :action=>"index"}
-formatted_users GET  /users.:format  {:controller=>"users", :action=>"index"}
-                POST /users          {:controller=>"users", :action=>"create"}
-                POST /users.:format  {:controller=>"users", :action=>"create"}
+    users GET    /users(.:format)          users#index
+          POST   /users(.:format)          users#create
+ new_user GET    /users/new(.:format)      users#new
+edit_user GET    /users/:id/edit(.:format) users#edit
 </pre>
 
 You may restrict the listing to the routes that map to a particular controller setting the +CONTROLLER+ environment variable:
@@ -881,12 +883,3 @@ The +assert_routing+ assertion checks the route both ways: it tests that the pat
 <ruby>
 assert_routing({ :path => "photos", :method => :post }, { :controller => "photos", :action => "create" })
 </ruby>
-
-h3. Changelog
-
-* April 10, 2010: Updated guide to remove outdated and superfluous information, and to provide information about new features, by "Yehuda Katz":http://www.yehudakatz.com
-* April 2, 2010: Updated guide to match new Routing DSL in Rails 3, by "Rizwan Reza":http://www.rizwanreza.com/
-* February 1, 2010: Modifies the routing documentation to match new routing DSL in Rails 3, by Prem Sichanugrist
-* October 4, 2008: Added additional detail on specifying verbs for resource member/collection routes, by "Mike Gunderloy":credits.html#mgunderloy
-* September 23, 2008: Added section on namespaced controllers and routing, by "Mike Gunderloy":credits.html#mgunderloy
-* September 10, 2008: initial version by "Mike Gunderloy":credits.html#mgunderloy

data/guides/source/ruby_on_rails_guides_guidelines.textile

@@ -77,8 +77,3 @@ bundle exec rake validate_guides
 </plain>
 
 Particularly, titles get an ID generated from their content and this often leads to duplicates. Please set +WARNINGS=1+ when generating guides to detect them. The warning messages suggest a way to fix them.
-
-h3. Changelog
-
-* March 31, 2011: grammar tweaks by "Josiah Ivey":http://twitter.com/josiahivey
-* October 5, 2010: ported from the docrails wiki and revised by "Xavier Noria":credits.html#fxn

data/guides/source/security.textile

@@ -82,9 +82,9 @@ This will also be a good idea, if you modify the structure of an object and old
 
 h4. Session Storage
 
--- _Rails provides several storage mechanisms for the session hashes. The most important are SessionStore and CookieStore._
+-- _Rails provides several storage mechanisms for the session hashes. The most important are ActiveRecord::SessionStore and ActionDispatch::Session::CookieStore._
 
-There are a number of session storages, i.e. where Rails saves the session hash and session id. Most real-live applications choose SessionStore (or one of its derivatives) over file storage due to performance and maintenance reasons. SessionStore keeps the session id and hash in a database table and saves and retrieves the hash on every request.
+There are a number of session storages, i.e. where Rails saves the session hash and session id. Most real-live applications choose ActiveRecord::SessionStore (or one of its derivatives) over file storage due to performance and maintenance reasons. ActiveRecord::SessionStore keeps the session id and hash in a database table and saves and retrieves the hash on every request.
 
 Rails 2 introduced a new default session storage, CookieStore. CookieStore saves the session hash directly in a cookie on the client-side. The server retrieves the session hash from the cookie and eliminates the need for a session id. That will greatly increase the speed of the application, but it is a controversial storage option and you have to think about the security implications of it:
 
@@ -157,9 +157,9 @@ One possibility is to set the expiry time-stamp of the cookie with the session i
 <ruby>
 class Session < ActiveRecord::Base
   def self.sweep(time = 1.hour)
-    time = time.split.inject { |count, unit|
-      count.to_i.send(unit)
-    } if time.is_a?(String)
+    if time.is_a?(String)
+      time = time.split.inject { |count, unit| count.to_i.send(unit) }
+    end
 
     delete_all "updated_at < '#{time.ago.to_s(:db)}'"
   end
@@ -474,7 +474,7 @@ h3. User Management
 
 -- _Almost every web application has to deal with authorization and authentication. Instead of rolling your own, it is advisable to use common plug-ins. But keep them up-to-date, too. A few additional precautions can make your application even more secure._
 
-There are some authorization and authentication plug-ins for Rails available. A good one saves only encrypted passwords, not plain-text passwords. The most popular plug-in is +restful_authentication+ which protects from session fixation, too. However, earlier versions allowed you to login without user name and password in certain circumstances.
+There are a number of authentication plug-ins for Rails available. Good ones, such as the popular "devise":https://github.com/plataformatec/devise and "authlogic":https://github.com/binarylogic/authlogic, store only encrypted passwords, not plain-text passwords. In Rails 3.1 you can use the built-in +has_secure_password+ method which has similar features.
 
 Every new user gets an activation code to activate his account when he gets an e-mail with a link in it. After activating the account, the activation_code columns will be set to NULL in the database. If someone requested an URL like these, he would be logged in as the first activated user found in the database (and chances are that this is the administrator):
 
@@ -648,7 +648,7 @@ h5(#sql-injection-introduction). Introduction
 SQL injection attacks aim at influencing database queries by manipulating web application parameters. A popular goal of SQL injection attacks is to bypass authorization. Another goal is to carry out data manipulation or reading arbitrary data. Here is an example of how not to use user input data in a query:
 
 <ruby>
-Project.all(:conditions => "name = '#{params[:name]}'")
+Project.where("name = '#{params[:name]}'")
 </ruby>
 
 This could be in a search action and the user may enter a project's name that he wants to find. If a malicious user enters ' OR 1 --, the resulting SQL query will be:
@@ -680,7 +680,7 @@ h5. Unauthorized Reading
 The UNION statement connects two SQL queries and returns the data in one set. An attacker can use it to read arbitrary data from the database. Let's take the example from above:
 
 <ruby>
-Project.all(:conditions => "name = '#{params[:name]}'")
+Project.where("name = '#{params[:name]}'")
 </ruby>
 
 And now let's inject another query using the UNION statement:
@@ -702,18 +702,18 @@ Also, the second query renames some columns with the AS statement so that the we
 
 h5(#sql-injection-countermeasures). Countermeasures
 
-Ruby on Rails has a built-in filter for special SQL characters, which will escape ' , " , NULL character and line breaks. <em class="highlight">Using +Model.find(id)+ or +Model.find_by_some thing(something)+ automatically applies this countermeasure</em>. But in SQL fragments, especially <em class="highlight">in conditions fragments (+:conditions => "..."+), the +connection.execute()+ or +Model.find_by_sql()+ methods, it has to be applied manually</em>.
+Ruby on Rails has a built-in filter for special SQL characters, which will escape ' , " , NULL character and line breaks. <em class="highlight">Using +Model.find(id)+ or +Model.find_by_some thing(something)+ automatically applies this countermeasure</em>. But in SQL fragments, especially <em class="highlight">in conditions fragments (+where("...")+), the +connection.execute()+ or +Model.find_by_sql()+ methods, it has to be applied manually</em>.
 
 Instead of passing a string to the conditions option, you can pass an array to sanitize tainted strings like this:
 
 <ruby>
-Model.first(:conditions => ["login = ? AND password = ?", entered_user_name, entered_password])
+Model.where("login = ? AND password = ?", entered_user_name, entered_password).first
 </ruby>
 
 As you can see, the first part of the array is an SQL fragment with question marks. The sanitized versions of the variables in the second part of the array replace the question marks. Or you can pass a hash for the same result:
 
 <ruby>
-Model.first(:conditions => {:login => entered_user_name, :password => entered_password})
+Model.where(:login => entered_user_name, :password => entered_password).first
 </ruby>
 
 The array or hash form is only available in model instances. You can try +sanitize_sql()+ elsewhere. _(highlight)Make it a habit to think about the security consequences when using an external string in SQL_.
@@ -1002,7 +1002,3 @@ The security landscape shifts and it is important to keep up to date, because mi
 * Subscribe to the Rails security "mailing list":http://groups.google.com/group/rubyonrails-security
 * "Keep up to date on the other application layers":http://secunia.com/ (they have a weekly newsletter, too)
 * A "good security blog":http://ha.ckers.org/blog/ including the "Cross-Site scripting Cheat Sheet":http://ha.ckers.org/xss.html
-
-h3. Changelog
-
-* November 1, 2008: First approved version by Heiko Webers

data/guides/source/testing.textile

@@ -927,7 +927,7 @@ class UserControllerTest < ActionController::TestCase
     assert_difference 'ActionMailer::Base.deliveries.size', +1 do
       post :invite_friend, :email => 'friend@example.com'
     end
-    invite_email = ActionMailer::Base.deliveries.first
+    invite_email = ActionMailer::Base.deliveries.last
 
     assert_equal "You have been invited by me@example.com", invite_email.subject
     assert_equal 'friend@example.com', invite_email.to[0]
@@ -945,11 +945,3 @@ The built-in +test/unit+ based testing is not the only way to test Rails applica
 * "Machinist":https://github.com/notahat/machinist/tree/master, another replacement for fixtures.
 * "Shoulda":http://www.thoughtbot.com/projects/shoulda, an extension to +test/unit+ with additional helpers, macros, and assertions.
 * "RSpec":http://relishapp.com/rspec, a behavior-driven development framework
-
-h3. Changelog
-
-* April 4, 2010: Fixed document to validate XHTML 1.0 Strict. "Jaime Iniesta":http://jaimeiniesta.com
-* November 13, 2008: Revised based on feedback from Pratik Naik by "Akshay Surve":credits.html#asurve (not yet approved for publication)
-* October 14, 2008: Edit and formatting pass by "Mike Gunderloy":credits.html#mgunderloy (not yet approved for publication)
-* October 12, 2008: First draft by "Akshay Surve":credits.html#asurve (not yet approved for publication)
-

data/lib/rails/application.rb

@@ -1,5 +1,4 @@
 require 'active_support/core_ext/hash/reverse_merge'
-require 'active_support/file_update_checker'
 require 'fileutils'
 require 'rails/plugin'
 require 'rails/engine'
@@ -33,6 +32,25 @@ module Rails
   #
   # The Application is also responsible for building the middleware stack.
   #
+  # == Booting process
+  #
+  # The application is also responsible for setting up and executing the booting
+  # process. From the moment you require "config/application.rb" in your app,
+  # the booting process goes like this:
+  #
+  #   1)  require "config/boot.rb" to setup load paths
+  #   2)  require railties and engines
+  #   3)  Define Rails.application as "class MyApp::Application < Rails::Application"
+  #   4)  Run config.before_configuration callbacks
+  #   5)  Load config/environments/ENV.rb
+  #   6)  Run config.before_initialize callbacks
+  #   7)  Run Railtie#initializer defined by railties, engines and application.
+  #       One by one, each engine sets up its load paths, routes and runs its config/initializers/* files.
+  #   9)  Custom Railtie#initializers added by railties, engines and applications are executed
+  #   10) Build the middleware stack and run to_prepare callbacks
+  #   11) Run config.before_eager_load and eager_load if cache classes is true
+  #   12) Run config.after_initialize callbacks
+  #
   class Application < Engine
     autoload :Bootstrap,      'rails/application/bootstrap'
     autoload :Configuration,  'rails/application/configuration'
@@ -52,12 +70,14 @@ module Rails
 
     attr_accessor :assets, :sandbox
     alias_method :sandbox?, :sandbox
+    attr_reader :reloaders
 
     delegate :default_url_options, :default_url_options=, :to => :routes
 
     def initialize
       super
       @initialized = false
+      @reloaders   = []
     end
 
     # This method is called just after an application inherits from Rails::Application,
@@ -83,54 +103,107 @@ module Rails
       require environment if environment
     end
 
+    # Reload application routes regardless if they changed or not.
     def reload_routes!
       routes_reloader.reload!
     end
 
-    def routes_reloader
+    def routes_reloader #:nodoc:
       @routes_reloader ||= RoutesReloader.new
     end
 
-    def initialize!(group=:default)
+    # Returns an array of file paths appended with a hash of directories-extensions
+    # suitable for ActiveSupport::FileUpdateChecker API.
+    def watchable_args
+      files = []
+      files.concat config.watchable_files
+
+      dirs = {}
+      dirs.merge! config.watchable_dirs
+      ActiveSupport::Dependencies.autoload_paths.each do |path|
+        dirs[path.to_s] = [:rb]
+      end
+
+      [files, dirs]
+    end
+
+    # Initialize the application passing the given group. By default, the
+    # group is :default but sprockets precompilation passes group equals
+    # to assets if initialize_on_precompile is false to avoid booting the
+    # whole app.
+    def initialize!(group=:default) #:nodoc:
       raise "Application has been already initialized." if @initialized
       run_initializers(group, self)
       @initialized = true
       self
     end
 
+    # Load the application and its railties tasks and invoke the registered hooks.
+    # Check <tt>Rails::Railtie.rake_tasks</tt> for more info.
     def load_tasks(app=self)
       initialize_tasks
       super
       self
     end
 
-    def load_generators(app=self)
-      initialize_generators
-      super
-      self
-    end
-
+    # Load the application console and invoke the registered hooks.
+    # Check <tt>Rails::Railtie.console</tt> for more info.
     def load_console(app=self)
       initialize_console
       super
       self
     end
 
+    # Rails.application.env_config stores some of the Rails initial environment parameters.
+    # Currently stores:
+    #
+    #   * action_dispatch.parameter_filter" => config.filter_parameters,
+    #   * action_dispatch.secret_token"     => config.secret_token,
+    #   * action_dispatch.show_exceptions"  => config.action_dispatch.show_exceptions
+    #
+    # These parameters will be used by middlewares and engines to configure themselves.
+    #
     def env_config
       @env_config ||= super.merge({
         "action_dispatch.parameter_filter" => config.filter_parameters,
         "action_dispatch.secret_token" => config.secret_token,
-        "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions
+        "action_dispatch.show_exceptions" => config.action_dispatch.show_exceptions,
+        "action_dispatch.show_detailed_exceptions" => config.consider_all_requests_local,
+        "action_dispatch.logger" => Rails.logger,
+        "action_dispatch.backtrace_cleaner" => Rails.backtrace_cleaner
       })
     end
 
-    def initializers
+    # Returns the ordered railties for this application considering railties_order.
+    def ordered_railties #:nodoc:
+      @ordered_railties ||= begin
+        order = config.railties_order.map do |railtie|
+          if railtie == :main_app
+            self
+          elsif railtie.respond_to?(:instance)
+            railtie.instance
+          else
+            railtie
+          end
+        end
+
+        all = (railties.all - order)
+        all.push(self)   unless all.include?(self)
+        order.push(:all) unless order.include?(:all)
+
+        index = order.index(:all)
+        order[index] = all
+        order.reverse.flatten
+      end
+    end
+
+    def initializers #:nodoc:
       Bootstrap.initializers_for(self) +
       super +
       Finisher.initializers_for(self)
     end
 
-    def config
+    def config #:nodoc:
       @config ||= Application::Configuration.new(find_root_with_flag("config.ru", Dir.pwd))
     end
 
@@ -138,18 +211,19 @@ module Rails
       self
     end
 
-    def call(env)
-      env["ORIGINAL_FULLPATH"] = build_original_fullpath(env)
-      super(env)
+    def helpers_paths #:nodoc:
+      config.helpers_paths
     end
 
   protected
 
     alias :build_middleware_stack :app
 
-    def default_middleware_stack
-      require 'action_controller/railtie'
+    def reload_dependencies?
+      config.reload_classes_only_on_change != true || reloaders.map(&:updated?).any?
+    end
 
+    def default_middleware_stack
       ActionDispatch::MiddlewareStack.new.tap do |middleware|
         if rack_cache = config.action_controller.perform_caching && config.action_dispatch.rack_cache
           require "action_dispatch/http/rack_cache"
@@ -168,18 +242,25 @@ module Rails
         middleware.use ::Rack::Lock unless config.allow_concurrency
         middleware.use ::Rack::Runtime
         middleware.use ::Rack::MethodOverride
-        middleware.use ::Rails::Rack::Logger # must come after Rack::MethodOverride to properly log overridden methods
-        middleware.use ::ActionDispatch::ShowExceptions, config.consider_all_requests_local
+        middleware.use ::ActionDispatch::RequestId
+        middleware.use ::Rails::Rack::Logger, config.log_tags # must come after Rack::MethodOverride to properly log overridden methods
+        middleware.use ::ActionDispatch::ShowExceptions, config.exceptions_app || ActionDispatch::PublicExceptions.new(Rails.public_path)
+        middleware.use ::ActionDispatch::DebugExceptions
         middleware.use ::ActionDispatch::RemoteIp, config.action_dispatch.ip_spoofing_check, config.action_dispatch.trusted_proxies
-        middleware.use ::Rack::Sendfile, config.action_dispatch.x_sendfile_header
-        middleware.use ::ActionDispatch::Reloader unless config.cache_classes
+
+        if config.action_dispatch.x_sendfile_header.present?
+          middleware.use ::Rack::Sendfile, config.action_dispatch.x_sendfile_header
+        end
+
+        unless config.cache_classes
+          app = self
+          middleware.use ::ActionDispatch::Reloader, lambda { app.reload_dependencies? }
+        end
+
         middleware.use ::ActionDispatch::Callbacks
         middleware.use ::ActionDispatch::Cookies
 
         if config.session_store
-          if config.force_ssl && !config.session_options.key?(:secure)
-            config.session_options[:secure] = true
-          end
           middleware.use config.session_store, config.session_options
           middleware.use ::ActionDispatch::Flash
         end
@@ -195,7 +276,7 @@ module Rails
       end
     end
 
-    def initialize_tasks
+    def initialize_tasks #:nodoc:
       self.class.rake_tasks do
         require "rails/tasks"
         task :environment do
@@ -205,26 +286,10 @@ module Rails
       end
     end
 
-    def initialize_generators
-      require "rails/generators"
-    end
-
-    def initialize_console
+    def initialize_console #:nodoc:
       require "pp"
       require "rails/console/app"
       require "rails/console/helpers"
     end
-
-    def build_original_fullpath(env)
-      path_info    = env["PATH_INFO"]
-      query_string = env["QUERY_STRING"]
-      script_name  = env["SCRIPT_NAME"]
-
-      if query_string.present?
-        "#{script_name}#{path_info}?#{query_string}"
-      else
-        "#{script_name}#{path_info}"
-      end
-    end
   end
 end