5 files changed, 31 insertions, 9 deletions
diff --git a/actionpack/lib/action_dispatch/http/headers.rb b/actionpack/lib/action_dispatch/http/headers.rb
index 1e43104f0a..505d5560b1 100644
--- a/actionpack/lib/action_dispatch/http/headers.rb
+++ b/actionpack/lib/action_dispatch/http/headers.rb
@@ -3,9 +3,10 @@ require 'active_support/memoizable'
 module ActionDispatch
   module Http
     class Headers < ::Hash
-      extend ActiveSupport::Memoizable
+      @@env_cache = Hash.new { |h,k| h[k] = "HTTP_#{k.upcase.gsub(/-/, '_')}" }
 
       def initialize(*args)
+
         if args.size == 1 && args[0].is_a?(Hash)
           super()
           update(args[0])
@@ -25,9 +26,8 @@ module ActionDispatch
       private
         # Converts a HTTP header name to an environment variable name.
         def env_name(header_name)
-          "HTTP_#{header_name.upcase.gsub(/-/, '_')}"
+          @@env_cache[header_name]
         end
-        memoize :env_name
     end
   end
 end
diff --git a/actionpack/lib/action_dispatch/http/mime_type.rb b/actionpack/lib/action_dispatch/http/mime_type.rb
index 7c9ebe7c7b..fa2948c8db 100644
--- a/actionpack/lib/action_dispatch/http/mime_type.rb
+++ b/actionpack/lib/action_dispatch/http/mime_type.rb
@@ -47,7 +47,7 @@ module Mime
     cattr_reader :html_types
 
     # These are the content types which browsers can generate without using ajax, flash, etc
-    # i.e. following a link, getting an image or posting a form.  CSRF protection
+    # i.e. following a link, getting an image or posting a form. CSRF protection
     # only needs to protect against these types.
     @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text]
     cattr_reader :browser_generated_types
@@ -246,7 +246,7 @@ module Mime
       end
     end
 
-    # Returns true if Action Pack should check requests using this Mime Type for possible request forgery.  See
+    # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See
     # ActionController::RequestForgeryProtection.
     def verify_request?
       @@browser_generated_types.include?(to_sym)
diff --git a/actionpack/lib/action_dispatch/http/mime_types.rb b/actionpack/lib/action_dispatch/http/mime_types.rb
index 68f37d2f65..3da4f91051 100644
--- a/actionpack/lib/action_dispatch/http/mime_types.rb
+++ b/actionpack/lib/action_dispatch/http/mime_types.rb
@@ -7,6 +7,15 @@ Mime::Type.register "text/javascript", :js, %w( application/javascript applicati
 Mime::Type.register "text/css", :css
 Mime::Type.register "text/calendar", :ics
 Mime::Type.register "text/csv", :csv
+
+Mime::Type.register "image/png", :png, [], %w(png)
+Mime::Type.register "image/jpeg", :jpeg, [], %w(jpg jpeg jpe)
+Mime::Type.register "image/gif", :gif, [], %w(gif)
+Mime::Type.register "image/bmp", :bmp, [], %w(bmp)
+Mime::Type.register "image/tiff", :tiff, [], %w(tif tiff)
+
+Mime::Type.register "video/mpeg", :mpeg, [], %w(mpg mpeg mpe)
+
 Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml )
 Mime::Type.register "application/rss+xml", :rss
 Mime::Type.register "application/atom+xml", :atom
@@ -19,5 +28,8 @@ Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form
 # http://www.json.org/JSONRequest.html
 Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest )
 
+Mime::Type.register "application/pdf", :pdf, [], %w(pdf)
+Mime::Type.register "application/zip", :zip, [], %w(zip)
+
 # Create Mime::ALL but do not add it to the SET.
 Mime::ALL = Mime::Type.new("*/*", :all, [])
diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index f3e94df4b9..b22d426c1f 100644
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -166,10 +166,10 @@ module ActionDispatch
        )\.
     }x
 
-    # Determines originating IP address.  REMOTE_ADDR is the standard
-    # but will fail if the user is behind a proxy.  HTTP_CLIENT_IP and/or
+    # Determines originating IP address. REMOTE_ADDR is the standard
+    # but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or
     # HTTP_X_FORWARDED_FOR are set by proxies so check for these if
-    # REMOTE_ADDR is a proxy.  HTTP_X_FORWARDED_FOR may be a comma-
+    # REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma-
     # delimited list in the case of multiple chained proxies; the last
     # address which is not trusted is the originating IP.
     def remote_ip
diff --git a/actionpack/lib/action_dispatch/http/upload.rb b/actionpack/lib/action_dispatch/http/upload.rb
index 37effade4f..a15ad28f16 100644
--- a/actionpack/lib/action_dispatch/http/upload.rb
+++ b/actionpack/lib/action_dispatch/http/upload.rb
@@ -4,7 +4,7 @@ module ActionDispatch
       attr_accessor :original_filename, :content_type, :tempfile, :headers
 
       def initialize(hash)
-        @original_filename = hash[:filename]
+        @original_filename = encode_filename(hash[:filename])
         @content_type      = hash[:type]
         @headers           = hash[:head]
         @tempfile          = hash[:tempfile]
@@ -30,6 +30,16 @@ module ActionDispatch
       def size
         @tempfile.size
       end
+      
+      private
+      def encode_filename(filename)
+        # Encode the filename in the utf8 encoding, unless it is nil or we're in 1.8
+        if "ruby".encoding_aware? && filename
+          filename.force_encoding("UTF-8").encode!
+        else
+          filename
+        end
+      end
     end
 
     module Upload