Merge branch 'master' into testing

7 files changed, 449 insertions, 109 deletions

diff --git a/actionpack/test/controller/mime_type_test.rb b/actionpack/test/controller/mime_type_test.rb
index f16a3c68b4..21ae0419f1 100644
--- a/actionpack/test/controller/mime_type_test.rb
+++ b/actionpack/test/controller/mime_type_test.rb
@@ -61,7 +61,9 @@ class MimeTypeTest < Test::Unit::TestCase
     types.each do |type|
       mime = Mime.const_get(type.to_s.upcase)
       assert mime.send("#{type}?"), "#{mime.inspect} is not #{type}?"
-      (types - [type]).each { |other_type| assert !mime.send("#{other_type}?"), "#{mime.inspect} is #{other_type}?" }
+      invalid_types = types - [type]
+      invalid_types.delete(:html) if Mime::Type.html_types.include?(type)
+      invalid_types.each { |other_type| assert !mime.send("#{other_type}?"), "#{mime.inspect} is #{other_type}?" }
     end
   end
 
@@ -71,14 +73,12 @@ class MimeTypeTest < Test::Unit::TestCase
   end
 
   def test_verifiable_mime_types
-    unverified_types = Mime::Type.unverifiable_types
     all_types = Mime::SET.to_a.map(&:to_sym)
     all_types.uniq!
     # Remove custom Mime::Type instances set in other tests, like Mime::GIF and Mime::IPHONE
     all_types.delete_if { |type| !Mime.const_defined?(type.to_s.upcase) }
-
-    unverified, verified = all_types.partition { |type| Mime::Type.unverifiable_types.include? type }
-    assert verified.all?   { |type|  Mime.const_get(type.to_s.upcase).verify_request? }, "Not all Mime Types are verified: #{verified.inspect}"
-    assert unverified.all? { |type| !Mime.const_get(type.to_s.upcase).verify_request? }, "Some Mime Types are verified: #{unverified.inspect}"
+    verified, unverified = all_types.partition { |type| Mime::Type.browser_generated_types.include? type }
+    assert verified.each   { |type| assert  Mime.const_get(type.to_s.upcase).verify_request?, "Verifiable Mime Type is not verified: #{type.inspect}" }
+    assert unverified.each { |type| assert !Mime.const_get(type.to_s.upcase).verify_request?, "Nonverifiable Mime Type is verified: #{type.inspect}" }
   end
 end
diff --git a/actionpack/test/controller/polymorphic_routes_test.rb b/actionpack/test/controller/polymorphic_routes_test.rb
index df49a37f89..efa3c44bc0 100644
--- a/actionpack/test/controller/polymorphic_routes_test.rb
+++ b/actionpack/test/controller/polymorphic_routes_test.rb
@@ -168,6 +168,17 @@ uses_mocha 'polymorphic URL helpers' do
       polymorphic_url([@article, :response, @tag], :format => :pdf)
     end
 
+    def test_nesting_with_array_containing_nil
+      expects(:article_response_url).with(@article)
+      polymorphic_url([@article, nil, :response])
+    end
+
+    def test_with_array_containing_single_object
+      @article.save
+      expects(:article_url).with(@article)
+      polymorphic_url([nil, @article])
+    end
+
     # TODO: Needs to be updated to correctly know about whether the object is in a hash or not
     def xtest_with_hash
       expects(:article_url).with(@article)
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index 9dbfd120f2..00c6bc0ab0 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -77,57 +77,61 @@ module RequestForgeryProtectionTests
     ActionController::Base.request_forgery_protection_token = nil
   end
   
+
   def test_should_render_form_with_token_tag
-    get :index
-    assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token
+     get :index
+     assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token
+   end
+
+   def test_should_render_button_to_with_token_tag
+     get :show_button
+     assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token
+   end
+
+   def test_should_render_remote_form_with_only_one_token_parameter
+     get :remote_form
+     assert_equal 1, @response.body.scan(@token).size
+   end
+
+   def test_should_allow_get
+     get :index
+     assert_response :success
+   end
+
+   def test_should_allow_post_without_token_on_unsafe_action
+     post :unsafe
+     assert_response :success
+   end
+
+  def test_should_not_allow_html_post_without_token
+    @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s
+    assert_raises(ActionController::InvalidAuthenticityToken) { post :index, :format => :html }
   end
   
-  def test_should_render_button_to_with_token_tag
-    get :show_button
-    assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token
-  end
-
-  def test_should_render_remote_form_with_only_one_token_parameter
-    get :remote_form
-    assert_equal 1, @response.body.scan(@token).size
-  end
-
-  def test_should_allow_get
-    get :index
-    assert_response :success
+  def test_should_not_allow_html_put_without_token
+    @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s
+    assert_raises(ActionController::InvalidAuthenticityToken) { put :index, :format => :html }
   end
   
-  def test_should_allow_post_without_token_on_unsafe_action
-    post :unsafe
-    assert_response :success
+  def test_should_not_allow_html_delete_without_token
+    @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s
+    assert_raises(ActionController::InvalidAuthenticityToken) { delete :index, :format => :html }
   end
 
-  def test_should_not_allow_post_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) { post :index }
-  end
-
-  def test_should_not_allow_put_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) { put :index }
-  end
-
-  def test_should_not_allow_delete_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) { delete :index }
-  end
-
-  def test_should_not_allow_api_formatted_post_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) do
+  def test_should_allow_api_formatted_post_without_token
+    assert_nothing_raised do
       post :index, :format => 'xml'
     end
   end
 
   def test_should_not_allow_api_formatted_put_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) do
+    assert_nothing_raised do
       put :index, :format => 'xml'
     end
   end
 
-  def test_should_not_allow_api_formatted_delete_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) do
+  def test_should_allow_api_formatted_delete_without_token
+    assert_nothing_raised do
       delete :index, :format => 'xml'
     end
   end
@@ -174,16 +178,20 @@ module RequestForgeryProtectionTests
     end
   end
 
-  def test_should_not_allow_xhr_post_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) { xhr :post, :index }
+  def test_should_allow_xhr_post_without_token
+    assert_nothing_raised { xhr :post, :index }
+  end
+  def test_should_not_allow_xhr_post_with_html_without_token
+    @request.env['CONTENT_TYPE'] = Mime::URL_ENCODED_FORM.to_s
+    assert_raise(ActionController::InvalidAuthenticityToken) { xhr :post, :index }
   end
   
-  def test_should_not_allow_xhr_put_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) { xhr :put, :index }
+  def test_should_allow_xhr_put_without_token
+    assert_nothing_raised { xhr :put, :index }
   end
   
-  def test_should_not_allow_xhr_delete_without_token
-    assert_raises(ActionController::InvalidAuthenticityToken) { xhr :delete, :index }
+  def test_should_allow_xhr_delete_without_token
+    assert_nothing_raised { xhr :delete, :index }
   end
   
   def test_should_allow_post_with_token
@@ -227,6 +235,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase
   def setup
     @controller = RequestForgeryProtectionController.new
     @request    = ActionController::TestRequest.new
+    @request.format = :html
     @response   = ActionController::TestResponse.new
     class << @request.session
       def session_id() '123' end
@@ -248,11 +257,11 @@ class RequestForgeryProtectionWithoutSecretControllerTest < ActionController::Te
     ActionController::Base.request_forgery_protection_token = :authenticity_token
   end
   
-  def test_should_raise_error_without_secret
-    assert_raises ActionController::InvalidAuthenticityToken do
-      get :index
-    end
-  end
+  # def test_should_raise_error_without_secret
+  #   assert_raises ActionController::InvalidAuthenticityToken do
+  #     get :index
+  #   end
+  # end
 end
 
 class CsrfCookieMonsterControllerTest < ActionController::TestCase
@@ -304,10 +313,15 @@ class SessionOffControllerTest < ActionController::TestCase
     @token      = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('SHA1'), 'abc', '123')
   end
 
-  def test_should_raise_correct_exception
-    @request.session = {} # session(:off) doesn't appear to work with controller tests
-    assert_raises(ActionController::InvalidAuthenticityToken) do
-      post :index, :authenticity_token => @token
-    end
-  end
+  # TODO: Rewrite this test.
+  # This test was passing but for the wrong reason.
+  # Sessions aren't really being turned off, so an exception was raised
+  # because sessions weren't on - not because the token didn't match.
+  #
+  # def test_should_raise_correct_exception
+  #   @request.session = {} # session(:off) doesn't appear to work with controller tests
+  #   assert_raises(ActionController::InvalidAuthenticityToken) do
+  #     post :index, :authenticity_token => @token, :format => :html
+  #   end
+  # end
 end
diff --git a/actionpack/test/controller/resources_test.rb b/actionpack/test/controller/resources_test.rb
index 3e656fa51b..d5e8a3ae4a 100644
--- a/actionpack/test/controller/resources_test.rb
+++ b/actionpack/test/controller/resources_test.rb
@@ -14,6 +14,8 @@ class LogosController < ResourcesController; end
 
 class AccountsController <  ResourcesController; end
 class AdminController   <  ResourcesController; end
+class ProductsController < ResourcesController; end
+class ImagesController < ResourcesController; end
 
 module Backoffice
   class ProductsController < ResourcesController; end
@@ -776,6 +778,225 @@ class ResourcesTest < ActionController::TestCase
     end
   end
 
+  def test_resource_has_only_show_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => :show
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, :show, [:index, :new, :create, :edit, :update, :destroy])
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, :show, [:index, :new, :create, :edit, :update, :destroy])
+    end
+  end
+
+  def test_singleton_resource_has_only_show_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resource :account, :only => :show
+      end
+
+      assert_singleton_resource_allowed_routes('accounts', {},                    :show, [:index, :new, :create, :edit, :update, :destroy])
+      assert_singleton_resource_allowed_routes('accounts', { :format => 'xml' },  :show, [:index, :new, :create, :edit, :update, :destroy])
+    end
+  end
+
+  def test_resource_does_not_have_destroy_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :except => :destroy
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, [:index, :new, :create, :show, :edit, :update], :destroy)
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, [:index, :new, :create, :show, :edit, :update], :destroy)
+    end
+  end
+
+  def test_singleton_resource_does_not_have_destroy_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resource :account, :except => :destroy
+      end
+
+      assert_singleton_resource_allowed_routes('accounts', {},                    [:new, :create, :show, :edit, :update], :destroy)
+      assert_singleton_resource_allowed_routes('accounts', { :format => 'xml' },  [:new, :create, :show, :edit, :update], :destroy)
+    end
+  end
+
+  def test_resource_has_only_create_action_and_named_route
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => :create
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, :create, [:index, :new, :show, :edit, :update, :destroy])
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, :create, [:index, :new, :show, :edit, :update, :destroy])
+
+      assert_not_nil set.named_routes[:products]
+    end
+  end
+
+  def test_resource_has_only_update_action_and_named_route
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => :update
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, :update, [:index, :new, :create, :show, :edit, :destroy])
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, :update, [:index, :new, :create, :show, :edit, :destroy])
+
+      assert_not_nil set.named_routes[:product]
+    end
+  end
+
+  def test_resource_has_only_destroy_action_and_named_route
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => :destroy
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, :destroy, [:index, :new, :create, :show, :edit, :update])
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, :destroy, [:index, :new, :create, :show, :edit, :update])
+
+      assert_not_nil set.named_routes[:product]
+    end
+  end
+
+  def test_singleton_resource_has_only_create_action_and_named_route
+    with_routing do |set|
+      set.draw do |map|
+        map.resource :account, :only => :create
+      end
+
+      assert_singleton_resource_allowed_routes('accounts', {},                    :create, [:new, :show, :edit, :update, :destroy])
+      assert_singleton_resource_allowed_routes('accounts', { :format => 'xml' },  :create, [:new, :show, :edit, :update, :destroy])
+
+      assert_not_nil set.named_routes[:account]
+    end
+  end
+
+  def test_singleton_resource_has_only_update_action_and_named_route
+    with_routing do |set|
+      set.draw do |map|
+        map.resource :account, :only => :update
+      end
+
+      assert_singleton_resource_allowed_routes('accounts', {},                    :update, [:new, :create, :show, :edit, :destroy])
+      assert_singleton_resource_allowed_routes('accounts', { :format => 'xml' },  :update, [:new, :create, :show, :edit, :destroy])
+
+      assert_not_nil set.named_routes[:account]
+    end
+  end
+
+  def test_singleton_resource_has_only_destroy_action_and_named_route
+    with_routing do |set|
+      set.draw do |map|
+        map.resource :account, :only => :destroy
+      end
+
+      assert_singleton_resource_allowed_routes('accounts', {},                    :destroy, [:new, :create, :show, :edit, :update])
+      assert_singleton_resource_allowed_routes('accounts', { :format => 'xml' },  :destroy, [:new, :create, :show, :edit, :update])
+
+      assert_not_nil set.named_routes[:account]
+    end
+  end
+
+  def test_resource_has_only_collection_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :except => :all, :collection => { :sale => :get }
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, [], [:index, :new, :create, :show, :edit, :update, :destroy])
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, [], [:index, :new, :create, :show, :edit, :update, :destroy])
+
+      assert_recognizes({ :controller => 'products', :action => 'sale' },                   :path => 'products/sale',     :method => :get)
+      assert_recognizes({ :controller => 'products', :action => 'sale', :format => 'xml' }, :path => 'products/sale.xml', :method => :get)
+    end
+  end
+
+  def test_resource_has_only_member_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :except => :all, :member => { :preview => :get }
+      end
+
+      assert_resource_allowed_routes('products', {},                    { :id => '1' }, [], [:index, :new, :create, :show, :edit, :update, :destroy])
+      assert_resource_allowed_routes('products', { :format => 'xml' },  { :id => '1' }, [], [:index, :new, :create, :show, :edit, :update, :destroy])
+
+      assert_recognizes({ :controller => 'products', :action => 'preview', :id => '1' },                    :path => 'products/1/preview',      :method => :get)
+      assert_recognizes({ :controller => 'products', :action => 'preview', :id => '1', :format => 'xml' },  :path => 'products/1/preview.xml',  :method => :get)
+    end
+  end
+
+  def test_singleton_resource_has_only_member_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resource :account, :except => :all, :member => { :signup => :get }
+      end
+
+      assert_singleton_resource_allowed_routes('accounts', {},                    [], [:new, :create, :show, :edit, :update, :destroy])
+      assert_singleton_resource_allowed_routes('accounts', { :format => 'xml' },  [], [:new, :create, :show, :edit, :update, :destroy])
+
+      assert_recognizes({ :controller => 'accounts', :action => 'signup' },                   :path => 'account/signup',      :method => :get)
+      assert_recognizes({ :controller => 'accounts', :action => 'signup', :format => 'xml' }, :path => 'account/signup.xml',  :method => :get)
+    end
+  end
+
+  def test_nested_resource_inherits_only_show_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => :show do |product|
+          product.resources :images
+        end
+      end
+
+      assert_resource_allowed_routes('images', { :product_id => '1' },                    { :id => '2' }, :show, [:index, :new, :create, :edit, :update, :destroy], 'products/1/images')
+      assert_resource_allowed_routes('images', { :product_id => '1', :format => 'xml' },  { :id => '2' }, :show, [:index, :new, :create, :edit, :update, :destroy], 'products/1/images')
+    end
+  end
+
+  def test_nested_resource_has_only_show_and_member_action
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => [:index, :show] do |product|
+          product.resources :images, :member => { :thumbnail => :get }, :only => :show
+        end
+      end
+
+      assert_resource_allowed_routes('images', { :product_id => '1' },                    { :id => '2' }, :show, [:index, :new, :create, :edit, :update, :destroy], 'products/1/images')
+      assert_resource_allowed_routes('images', { :product_id => '1', :format => 'xml' },  { :id => '2' }, :show, [:index, :new, :create, :edit, :update, :destroy], 'products/1/images')
+
+      assert_recognizes({ :controller => 'images', :action => 'thumbnail', :product_id => '1', :id => '2' },                    :path => 'products/1/images/2/thumbnail', :method => :get)
+      assert_recognizes({ :controller => 'images', :action => 'thumbnail', :product_id => '1', :id => '2', :format => 'jpg' },  :path => 'products/1/images/2/thumbnail.jpg', :method => :get)
+    end
+  end
+
+  def test_nested_resource_ignores_only_option
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :only => :show do |product|
+          product.resources :images, :except => :destroy
+        end
+      end
+
+      assert_resource_allowed_routes('images', { :product_id => '1' },                    { :id => '2' }, [:index, :new, :create, :show, :edit, :update], :destroy, 'products/1/images')
+      assert_resource_allowed_routes('images', { :product_id => '1', :format => 'xml' },  { :id => '2' }, [:index, :new, :create, :show, :edit, :update], :destroy, 'products/1/images')
+    end
+  end
+
+  def test_nested_resource_ignores_except_option
+    with_routing do |set|
+      set.draw do |map|
+        map.resources :products, :except => :show do |product|
+          product.resources :images, :only => :destroy
+        end
+      end
+
+      assert_resource_allowed_routes('images', { :product_id => '1' },                    { :id => '2' }, :destroy, [:index, :new, :create, :show, :edit, :update], 'products/1/images')
+      assert_resource_allowed_routes('images', { :product_id => '1', :format => 'xml' },  { :id => '2' }, :destroy, [:index, :new, :create, :show, :edit, :update], 'products/1/images')
+    end
+  end
+
   protected
     def with_restful_routing(*args)
       with_routing do |set|
@@ -979,6 +1200,51 @@ class ResourcesTest < ActionController::TestCase
       end
     end
 
+    def assert_resource_allowed_routes(controller, options, shallow_options, allowed, not_allowed, path = controller)
+      shallow_path = "#{path}/#{shallow_options[:id]}"
+      format = options[:format] && ".#{options[:format]}"
+      options.merge!(:controller => controller)
+      shallow_options.merge!(options)
+
+      assert_whether_allowed(allowed, not_allowed, options,         'index',    "#{path}#{format}",               :get)
+      assert_whether_allowed(allowed, not_allowed, options,         'new',      "#{path}/new#{format}",           :get)
+      assert_whether_allowed(allowed, not_allowed, options,         'create',   "#{path}#{format}",               :post)
+      assert_whether_allowed(allowed, not_allowed, shallow_options, 'show',     "#{shallow_path}#{format}",       :get)
+      assert_whether_allowed(allowed, not_allowed, shallow_options, 'edit',     "#{shallow_path}/edit#{format}",  :get)
+      assert_whether_allowed(allowed, not_allowed, shallow_options, 'update',   "#{shallow_path}#{format}",       :put)
+      assert_whether_allowed(allowed, not_allowed, shallow_options, 'destroy',  "#{shallow_path}#{format}",       :delete)
+    end
+
+    def assert_singleton_resource_allowed_routes(controller, options, allowed, not_allowed, path = controller.singularize)
+      format = options[:format] && ".#{options[:format]}"
+      options.merge!(:controller => controller)
+
+      assert_whether_allowed(allowed, not_allowed, options, 'new',      "#{path}/new#{format}",   :get)
+      assert_whether_allowed(allowed, not_allowed, options, 'create',   "#{path}#{format}",       :post)
+      assert_whether_allowed(allowed, not_allowed, options, 'show',     "#{path}#{format}",       :get)
+      assert_whether_allowed(allowed, not_allowed, options, 'edit',     "#{path}/edit#{format}",  :get)
+      assert_whether_allowed(allowed, not_allowed, options, 'update',   "#{path}#{format}",       :put)
+      assert_whether_allowed(allowed, not_allowed, options, 'destroy',  "#{path}#{format}",       :delete)
+    end
+
+    def assert_whether_allowed(allowed, not_allowed, options, action, path, method)
+      action = action.to_sym
+      options = options.merge(:action => action.to_s)
+      path_options = { :path => path, :method => method }
+
+      if Array(allowed).include?(action)
+        assert_recognizes options, path_options
+      elsif Array(not_allowed).include?(action)
+        assert_not_recognizes options, path_options
+      end
+    end
+
+    def assert_not_recognizes(expected_options, path)
+      assert_raise ActionController::RoutingError, ActionController::MethodNotAllowed, Test::Unit::AssertionFailedError do
+        assert_recognizes(expected_options, path)
+      end
+    end
+
     def distinct_routes? (r1, r2)
       if r1.conditions == r2.conditions and r1.requirements == r2.requirements then
         if r1.segments.collect(&:to_s) == r2.segments.collect(&:to_s) then
diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb
index de82647813..f8add0bab1 100644
--- a/actionpack/test/template/form_tag_helper_test.rb
+++ b/actionpack/test/template/form_tag_helper_test.rb
@@ -235,7 +235,7 @@ class FormTagHelperTest < ActionView::TestCase
     assert_match VALID_HTML_ID, label_elem['for']
   end
 
-  def test_boolean_optios
+  def test_boolean_options
     assert_dom_equal %(<input checked="checked" disabled="disabled" id="admin" name="admin" readonly="readonly" type="checkbox" value="1" />), check_box_tag("admin", 1, true, 'disabled' => true, :readonly => "yes")
     assert_dom_equal %(<input checked="checked" id="admin" name="admin" type="checkbox" value="1" />), check_box_tag("admin", 1, true, :disabled => false, :readonly => nil)
     assert_dom_equal %(<select id="people" multiple="multiple" name="people[]"><option>david</option></select>), select_tag("people", "<option>david</option>", :multiple => true)
diff --git a/actionpack/test/template/tag_helper_test.rb b/actionpack/test/template/tag_helper_test.rb
index fc49d340ef..ef88cae5b8 100644
--- a/actionpack/test/template/tag_helper_test.rb
+++ b/actionpack/test/template/tag_helper_test.rb
@@ -19,6 +19,10 @@ class TagHelperTest < ActionView::TestCase
     assert_equal "<p />", tag("p", :ignored => nil)
   end
 
+  def test_tag_options_accepts_false_option
+    assert_equal "<p value=\"false\" />", tag("p", :value => false)
+  end
+
   def test_tag_options_accepts_blank_option
     assert_equal "<p included=\"\" />", tag("p", :included => '')
   end
diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb
index 095c952d67..3e7a8f3e44 100644
--- a/actionpack/test/template/text_helper_test.rb
+++ b/actionpack/test/template/text_helper_test.rb
@@ -205,56 +205,48 @@ class TextHelperTest < ActionView::TestCase
   end
 
   def test_auto_link_parsing
-    urls = %w(http://www.rubyonrails.com
-              http://www.rubyonrails.com:80
-              http://www.rubyonrails.com/~minam
-              https://www.rubyonrails.com/~minam
-              http://www.rubyonrails.com/~minam/url%20with%20spaces
-              http://www.rubyonrails.com/foo.cgi?something=here
-              http://www.rubyonrails.com/foo.cgi?something=here&and=here
-              http://www.rubyonrails.com/contact;new
-              http://www.rubyonrails.com/contact;new%20with%20spaces
-              http://www.rubyonrails.com/contact;new?with=query&string=params
-              http://www.rubyonrails.com/~minam/contact;new?with=query&string=params
-              http://en.wikipedia.org/wiki/Wikipedia:Today%27s_featured_picture_%28animation%29/January_20%2C_2007
-              http://www.mail-archive.com/rails@lists.rubyonrails.org/
-              http://www.amazon.com/Testing-Equal-Sign-In-Path/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1198861734&sr=8-1
-              http://en.wikipedia.org/wiki/Sprite_(computer_graphics)
-              http://en.wikipedia.org/wiki/Texas_hold'em
-              https://www.google.com/doku.php?id=gps:resource:scs:start
-            )
+    urls = %w(
+      http://www.rubyonrails.com
+      http://www.rubyonrails.com:80
+      http://www.rubyonrails.com/~minam
+      https://www.rubyonrails.com/~minam
+      http://www.rubyonrails.com/~minam/url%20with%20spaces
+      http://www.rubyonrails.com/foo.cgi?something=here
+      http://www.rubyonrails.com/foo.cgi?something=here&and=here
+      http://www.rubyonrails.com/contact;new
+      http://www.rubyonrails.com/contact;new%20with%20spaces
+      http://www.rubyonrails.com/contact;new?with=query&string=params
+      http://www.rubyonrails.com/~minam/contact;new?with=query&string=params
+      http://en.wikipedia.org/wiki/Wikipedia:Today%27s_featured_picture_%28animation%29/January_20%2C_2007
+      http://www.mail-archive.com/rails@lists.rubyonrails.org/
+      http://www.amazon.com/Testing-Equal-Sign-In-Path/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1198861734&sr=8-1
+      http://en.wikipedia.org/wiki/Texas_hold'em
+      https://www.google.com/doku.php?id=gps:resource:scs:start
+      http://connect.oraclecorp.com/search?search[q]=green+france&search[type]=Group
+      http://of.openfoundry.org/projects/492/download#4th.Release.3
+      http://maps.google.co.uk/maps?f=q&q=the+london+eye&ie=UTF8&ll=51.503373,-0.11939&spn=0.007052,0.012767&z=16&iwloc=A
+    )
 
     urls.each do |url|
-      assert_equal %(<a href="#{url}">#{url}</a>), auto_link(url)
+      assert_equal generate_result(url), auto_link(url)
     end
   end
 
+  def generate_result(link_text, href = nil)
+    href ||= link_text
+    %{<a href="#{CGI::escapeHTML href}">#{CGI::escapeHTML link_text}</a>}
+  end
+
   def test_auto_linking
     email_raw    = 'david@loudthinking.com'
     email_result = %{<a href="mailto:#{email_raw}">#{email_raw}</a>}
-    email2_raw    = '+david@loudthinking.com'
-    email2_result = %{<a href="mailto:#{email2_raw}">#{email2_raw}</a>}
     link_raw     = 'http://www.rubyonrails.com'
-    link_result  = %{<a href="#{link_raw}">#{link_raw}</a>}
-    link_result_with_options  = %{<a href="#{link_raw}" target="_blank">#{link_raw}</a>}
-    link2_raw    = 'www.rubyonrails.com'
-    link2_result = %{<a href="http://#{link2_raw}">#{link2_raw}</a>}
-    link3_raw    = 'http://manuals.ruby-on-rails.com/read/chapter.need_a-period/103#page281'
-    link3_result = %{<a href="#{link3_raw}">#{link3_raw}</a>}
-    link4_raw    = 'http://foo.example.com/controller/action?parm=value&p2=v2#anchor123'
-    link4_result = %{<a href="#{link4_raw}">#{link4_raw}</a>}
-    link5_raw    = 'http://foo.example.com:3000/controller/action'
-    link5_result = %{<a href="#{link5_raw}">#{link5_raw}</a>}
-    link6_raw    = 'http://foo.example.com:3000/controller/action+pack'
-    link6_result = %{<a href="#{link6_raw}">#{link6_raw}</a>}
-    link7_raw    = 'http://foo.example.com/controller/action?parm=value&p2=v2#anchor-123'
-    link7_result = %{<a href="#{link7_raw}">#{link7_raw}</a>}
-    link8_raw    = 'http://foo.example.com:3000/controller/action.html'
-    link8_result = %{<a href="#{link8_raw}">#{link8_raw}</a>}
-    link9_raw    = 'http://business.timesonline.co.uk/article/0,,9065-2473189,00.html'
-    link9_result = %{<a href="#{link9_raw}">#{link9_raw}</a>}
-    link10_raw    = 'http://www.mail-archive.com/ruby-talk@ruby-lang.org/'
-    link10_result = %{<a href="#{link10_raw}">#{link10_raw}</a>}
+    link_result  = generate_result(link_raw)
+    link_result_with_options = %{<a href="#{link_raw}" target="_blank">#{link_raw}</a>}
+
+    assert_equal '', auto_link(nil)
+    assert_equal '', auto_link('')
+    assert_equal "#{link_result} #{link_result} #{link_result}", auto_link("#{link_raw} #{link_raw} #{link_raw}")
 
     assert_equal %(hello #{email_result}), auto_link("hello #{email_raw}", :email_addresses)
     assert_equal %(Go to #{link_result}), auto_link("Go to #{link_raw}", :urls)
@@ -265,41 +257,94 @@ class TextHelperTest < ActionView::TestCase
     assert_equal %(<p>Link #{link_result_with_options}</p>), auto_link("<p>Link #{link_raw}</p>", :all, {:target => "_blank"})
     assert_equal %(Go to #{link_result}.), auto_link(%(Go to #{link_raw}.))
     assert_equal %(<p>Go to #{link_result}, then say hello to #{email_result}.</p>), auto_link(%(<p>Go to #{link_raw}, then say hello to #{email_raw}.</p>))
+
+    email2_raw    = '+david@loudthinking.com'
+    email2_result = %{<a href="mailto:#{email2_raw}">#{email2_raw}</a>}
+    assert_equal email2_result, auto_link(email2_raw)
+
+    link2_raw    = 'www.rubyonrails.com'
+    link2_result = generate_result(link2_raw, "http://#{link2_raw}")
     assert_equal %(Go to #{link2_result}), auto_link("Go to #{link2_raw}", :urls)
     assert_equal %(Go to #{link2_raw}), auto_link("Go to #{link2_raw}", :email_addresses)
     assert_equal %(<p>Link #{link2_result}</p>), auto_link("<p>Link #{link2_raw}</p>")
     assert_equal %(<p>#{link2_result} Link</p>), auto_link("<p>#{link2_raw} Link</p>")
     assert_equal %(Go to #{link2_result}.), auto_link(%(Go to #{link2_raw}.))
     assert_equal %(<p>Say hello to #{email_result}, then go to #{link2_result}.</p>), auto_link(%(<p>Say hello to #{email_raw}, then go to #{link2_raw}.</p>))
+
+    link3_raw    = 'http://manuals.ruby-on-rails.com/read/chapter.need_a-period/103#page281'
+    link3_result = generate_result(link3_raw)
     assert_equal %(Go to #{link3_result}), auto_link("Go to #{link3_raw}", :urls)
     assert_equal %(Go to #{link3_raw}), auto_link("Go to #{link3_raw}", :email_addresses)
     assert_equal %(<p>Link #{link3_result}</p>), auto_link("<p>Link #{link3_raw}</p>")
     assert_equal %(<p>#{link3_result} Link</p>), auto_link("<p>#{link3_raw} Link</p>")
     assert_equal %(Go to #{link3_result}.), auto_link(%(Go to #{link3_raw}.))
-    assert_equal %(<p>Go to #{link3_result}. seriously, #{link3_result}? i think I'll say hello to #{email_result}. instead.</p>), auto_link(%(<p>Go to #{link3_raw}. seriously, #{link3_raw}? i think I'll say hello to #{email_raw}. instead.</p>))
+    assert_equal %(<p>Go to #{link3_result}. Seriously, #{link3_result}? I think I'll say hello to #{email_result}. Instead.</p>),
+       auto_link(%(<p>Go to #{link3_raw}. Seriously, #{link3_raw}? I think I'll say hello to #{email_raw}. Instead.</p>))
+
+    link4_raw    = 'http://foo.example.com/controller/action?parm=value&p2=v2#anchor123'
+    link4_result = generate_result(link4_raw)
     assert_equal %(<p>Link #{link4_result}</p>), auto_link("<p>Link #{link4_raw}</p>")
     assert_equal %(<p>#{link4_result} Link</p>), auto_link("<p>#{link4_raw} Link</p>")
+
+    link5_raw    = 'http://foo.example.com:3000/controller/action'
+    link5_result = generate_result(link5_raw)
     assert_equal %(<p>#{link5_result} Link</p>), auto_link("<p>#{link5_raw} Link</p>")
+
+    link6_raw    = 'http://foo.example.com:3000/controller/action+pack'
+    link6_result = generate_result(link6_raw)
     assert_equal %(<p>#{link6_result} Link</p>), auto_link("<p>#{link6_raw} Link</p>")
+
+    link7_raw    = 'http://foo.example.com/controller/action?parm=value&p2=v2#anchor-123'
+    link7_result = generate_result(link7_raw)
     assert_equal %(<p>#{link7_result} Link</p>), auto_link("<p>#{link7_raw} Link</p>")
+
+    link8_raw    = 'http://foo.example.com:3000/controller/action.html'
+    link8_result = generate_result(link8_raw)
     assert_equal %(Go to #{link8_result}), auto_link("Go to #{link8_raw}", :urls)
     assert_equal %(Go to #{link8_raw}), auto_link("Go to #{link8_raw}", :email_addresses)
     assert_equal %(<p>Link #{link8_result}</p>), auto_link("<p>Link #{link8_raw}</p>")
     assert_equal %(<p>#{link8_result} Link</p>), auto_link("<p>#{link8_raw} Link</p>")
     assert_equal %(Go to #{link8_result}.), auto_link(%(Go to #{link8_raw}.))
-    assert_equal %(<p>Go to #{link8_result}. seriously, #{link8_result}? i think I'll say hello to #{email_result}. instead.</p>), auto_link(%(<p>Go to #{link8_raw}. seriously, #{link8_raw}? i think I'll say hello to #{email_raw}. instead.</p>))
+    assert_equal %(<p>Go to #{link8_result}. Seriously, #{link8_result}? I think I'll say hello to #{email_result}. Instead.</p>),
+       auto_link(%(<p>Go to #{link8_raw}. Seriously, #{link8_raw}? I think I'll say hello to #{email_raw}. Instead.</p>))
+
+    link9_raw    = 'http://business.timesonline.co.uk/article/0,,9065-2473189,00.html'
+    link9_result = generate_result(link9_raw)
     assert_equal %(Go to #{link9_result}), auto_link("Go to #{link9_raw}", :urls)
     assert_equal %(Go to #{link9_raw}), auto_link("Go to #{link9_raw}", :email_addresses)
     assert_equal %(<p>Link #{link9_result}</p>), auto_link("<p>Link #{link9_raw}</p>")
     assert_equal %(<p>#{link9_result} Link</p>), auto_link("<p>#{link9_raw} Link</p>")
     assert_equal %(Go to #{link9_result}.), auto_link(%(Go to #{link9_raw}.))
-    assert_equal %(<p>Go to #{link9_result}. seriously, #{link9_result}? i think I'll say hello to #{email_result}. instead.</p>), auto_link(%(<p>Go to #{link9_raw}. seriously, #{link9_raw}? i think I'll say hello to #{email_raw}. instead.</p>))
+    assert_equal %(<p>Go to #{link9_result}. Seriously, #{link9_result}? I think I'll say hello to #{email_result}. Instead.</p>),
+       auto_link(%(<p>Go to #{link9_raw}. Seriously, #{link9_raw}? I think I'll say hello to #{email_raw}. Instead.</p>))
+
+    link10_raw    = 'http://www.mail-archive.com/ruby-talk@ruby-lang.org/'
+    link10_result = generate_result(link10_raw)
     assert_equal %(<p>#{link10_result} Link</p>), auto_link("<p>#{link10_raw} Link</p>")
-    assert_equal email2_result, auto_link(email2_raw)
-    assert_equal '', auto_link(nil)
-    assert_equal '', auto_link('')
-    assert_equal "#{link_result} #{link_result} #{link_result}", auto_link("#{link_raw} #{link_raw} #{link_raw}")
-    assert_equal '<a href="http://www.rubyonrails.com">Ruby On Rails</a>', auto_link('<a href="http://www.rubyonrails.com">Ruby On Rails</a>')
+  end
+
+  def test_auto_link_already_linked
+    linked1 = generate_result('Ruby On Rails', 'http://www.rubyonrails.com')
+    linked2 = generate_result('www.rubyonrails.com', 'http://www.rubyonrails.com')
+    assert_equal linked1, auto_link(linked1)
+    assert_equal linked2, auto_link(linked2)
+  end
+
+  def test_auto_link_with_brackets
+    link1_raw = 'http://en.wikipedia.org/wiki/Sprite_(computer_graphics)'
+    link1_result = generate_result(link1_raw)
+    assert_equal link1_result, auto_link(link1_raw)
+    assert_equal "(link: #{link1_result})", auto_link("(link: #{link1_raw})")
+
+    link2_raw = 'http://en.wikipedia.org/wiki/Sprite_[computer_graphics]'
+    link2_result = generate_result(link2_raw)
+    assert_equal link2_result, auto_link(link2_raw)
+    assert_equal "[link: #{link2_result}]", auto_link("[link: #{link2_raw}]")
+
+    link3_raw = 'http://en.wikipedia.org/wiki/Sprite_{computer_graphics}'
+    link3_result = generate_result(link3_raw)
+    assert_equal link3_result, auto_link(link3_raw)
+    assert_equal "{link: #{link3_result}}", auto_link("{link: #{link3_raw}}")
   end
 
   def test_auto_link_at_eol
@@ -317,7 +362,7 @@ class TextHelperTest < ActionView::TestCase
   end
 
   def test_auto_link_with_options_hash
-    assert_equal 'Welcome to my new blog at <a href="http://www.myblog.com/" class="menu" target="_blank">http://www.myblog.com/</a>. Please e-mail me at <a href="mailto:me@email.com">me@email.com</a>.',
+    assert_dom_equal 'Welcome to my new blog at <a href="http://www.myblog.com/" class="menu" target="_blank">http://www.myblog.com/</a>. Please e-mail me at <a href="mailto:me@email.com">me@email.com</a>.',
       auto_link("Welcome to my new blog at http://www.myblog.com/. Please e-mail me at me@email.com.",
                 :link => :all, :html => { :class => "menu", :target => "_blank" })
   end