1 files changed, 39 insertions, 16 deletions

diff --git a/actionpack/lib/action_dispatch/http/parameters.rb b/actionpack/lib/action_dispatch/http/parameters.rb
index ff5031d7d5..42e80b9bf5 100644
--- a/actionpack/lib/action_dispatch/http/parameters.rb
+++ b/actionpack/lib/action_dispatch/http/parameters.rb
@@ -3,12 +3,12 @@ module ActionDispatch
     module Parameters
       extend ActiveSupport::Concern
 
-      PARAMETERS_KEY = 'action_dispatch.request.path_parameters'
+      PARAMETERS_KEY = "action_dispatch.request.path_parameters"
 
       DEFAULT_PARSERS = {
         Mime[:json].symbol => -> (raw_post) {
           data = ActiveSupport::JSON.decode(raw_post)
-          data.is_a?(Hash) ? data : {:_json => data}
+          data.is_a?(Hash) ? data : {_json: data}
         }
       }
 
@@ -37,14 +37,22 @@ module ActionDispatch
                    query_parameters.dup
                  end
         params.merge!(path_parameters)
+        params = set_custom_encoding(params)
         set_header("action_dispatch.request.parameters", params)
         params
       end
       alias :params :parameters
 
       def path_parameters=(parameters) #:nodoc:
-        delete_header('action_dispatch.request.parameters')
+        delete_header("action_dispatch.request.parameters")
+
+        # If any of the path parameters has an invalid encoding then
+        # raise since it's likely to trigger errors further on.
+        Request::Utils.check_param_encoding(parameters)
+
         set_header PARAMETERS_KEY, parameters
+      rescue Rack::Utils::ParameterTypeError, Rack::Utils::InvalidParameterError => e
+        raise ActionController::BadRequest.new("Invalid path parameters: #{e.message}")
       end
 
       # Returns a hash with the \parameters used to form the \path of the request.
@@ -57,24 +65,39 @@ module ActionDispatch
 
       private
 
-      def parse_formatted_parameters(parsers)
-        return yield if content_length.zero?
+        def set_custom_encoding(params)
+          action = params[:action]
+          params.each do |k, v|
+            if v.is_a?(String) && v.encoding != encoding_template(action, k)
+              params[k] = v.force_encoding(encoding_template(action, k))
+            end
+          end
+
+          params
+        end
+
+        def encoding_template(action, param)
+          controller_class.encoding_for_param(action, param)
+        end
+
+        def parse_formatted_parameters(parsers)
+          return yield if content_length.zero? || content_mime_type.nil?
 
-        strategy = parsers.fetch(content_mime_type.symbol) { return yield }
+          strategy = parsers.fetch(content_mime_type.symbol) { return yield }
 
-        begin
-          strategy.call(raw_post)
-        rescue # JSON or Ruby code block errors
-          my_logger = logger || ActiveSupport::Logger.new($stderr)
-          my_logger.debug "Error occurred while parsing request parameters.\nContents:\n\n#{raw_post}"
+          begin
+            strategy.call(raw_post)
+          rescue # JSON or Ruby code block errors
+            my_logger = logger || ActiveSupport::Logger.new($stderr)
+            my_logger.debug "Error occurred while parsing request parameters.\nContents:\n\n#{raw_post}"
 
-          raise ParamsParser::ParseError
+            raise ParamsParser::ParseError
+          end
         end
-      end
 
-      def params_parsers
-        ActionDispatch::Request.parameter_parsers
-      end
+        def params_parsers
+          ActionDispatch::Request.parameter_parsers
+        end
     end
   end
 end