1 files changed, 19 insertions, 3 deletions

diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb
index 8bc3c271e2..7e2745c75a 100644
--- a/actionpack/lib/action_controller/metal/strong_parameters.rb
+++ b/actionpack/lib/action_controller/metal/strong_parameters.rb
@@ -1,4 +1,5 @@
 require 'active_support/core_ext/hash/indifferent_access'
+require 'active_support/core_ext/hash/transform_values'
 require 'active_support/core_ext/array/wrap'
 require 'active_support/core_ext/string/filters'
 require 'active_support/rescuable'
@@ -108,7 +109,7 @@ module ActionController
     cattr_accessor :permit_all_parameters, instance_accessor: false
     cattr_accessor :action_on_unpermitted_parameters, instance_accessor: false
 
-    delegate :keys, :key?, :has_key?, :empty?, :inspect, to: :@parameters
+    delegate :keys, :key?, :has_key?, :empty?, :include?, :inspect, to: :@parameters
 
     # By default, never raise an UnpermittedParameters exception if these
     # params are present. The default includes both 'controller' and 'action'
@@ -175,7 +176,7 @@ module ActionController
     #   safe_params.to_h # => {"name"=>"Senjougahara Hitagi"}
     def to_h
       if permitted?
-        @parameters.deep_dup
+        convert_parameters_to_hashes(@parameters)
       else
         slice(*self.class.always_permitted_parameters).permit!.to_h
       end
@@ -185,7 +186,7 @@ module ActionController
     # <tt>ActiveSupport::HashWithIndifferentAccess</tt> representation of this
     # parameter.
     def to_unsafe_h
-      @parameters.deep_dup
+      convert_parameters_to_hashes(@parameters)
     end
     alias_method :to_unsafe_hash, :to_unsafe_h
 
@@ -594,6 +595,21 @@ module ActionController
         end
       end
 
+      def convert_parameters_to_hashes(value)
+        case value
+        when Array
+          value.map { |v| convert_parameters_to_hashes(v) }
+        when Hash
+          value.transform_values do |v|
+            convert_parameters_to_hashes(v)
+          end.with_indifferent_access
+        when Parameters
+          value.to_h
+        else
+          value
+        end
+      end
+
       def convert_hashes_to_parameters(key, value)
         converted = convert_value_to_parameters(value)
         @parameters[key] = converted unless converted.equal?(value)