3 files changed, 4 insertions, 3 deletions

diff --git a/actionpack/lib/action_controller/metal/cookies.rb b/actionpack/lib/action_controller/metal/cookies.rb
index d4806623c3..c328db8beb 100644
--- a/actionpack/lib/action_controller/metal/cookies.rb
+++ b/actionpack/lib/action_controller/metal/cookies.rb
@@ -87,8 +87,9 @@ module ActionController #:nodoc:
     def delete(key, options = {})
       options.symbolize_keys!
       options[:path] = "/" unless options.has_key?(:path)
-      super(key.to_s)
+      value = super(key.to_s)
       @controller.response.delete_cookie(key, options)
+      value
     end
   end
 end
diff --git a/actionpack/lib/action_controller/metal/redirector.rb b/actionpack/lib/action_controller/metal/redirector.rb
index f79fd54acd..b55f5e7bfc 100644
--- a/actionpack/lib/action_controller/metal/redirector.rb
+++ b/actionpack/lib/action_controller/metal/redirector.rb
@@ -16,7 +16,7 @@ module ActionController
       logger.info("Redirected to #{url}") if logger && logger.info?
       self.status = status
       self.location = url.gsub(/[\r\n]/, '')
-      self.response_body = "<html><body>You are being <a href=\"#{CGI.escapeHTML(url)}\">redirected</a>.</body></html>"
+      self.response_body = "<html><body>You are being <a href=\"#{ERB::Util.h(url)}\">redirected</a>.</body></html>"
     end
   end
 end
diff --git a/actionpack/lib/action_controller/testing/process.rb b/actionpack/lib/action_controller/testing/process.rb
index bbc7f3c8f9..323cce6a2f 100644
--- a/actionpack/lib/action_controller/testing/process.rb
+++ b/actionpack/lib/action_controller/testing/process.rb
@@ -35,7 +35,7 @@ module ActionController #:nodoc:
     end
 
     def cookies
-      @response.cookies
+      @request.cookies.merge(@response.cookies)
     end
 
     def redirect_to_url