4 files changed, 59 insertions, 50 deletions

diff --git a/actionpack/lib/action_dispatch/http/parameters.rb b/actionpack/lib/action_dispatch/http/parameters.rb
index dcb299ed03..1ab11392ce 100644
--- a/actionpack/lib/action_dispatch/http/parameters.rb
+++ b/actionpack/lib/action_dispatch/http/parameters.rb
@@ -4,10 +4,7 @@ require 'active_support/core_ext/hash/indifferent_access'
 module ActionDispatch
   module Http
     module Parameters
-      def initialize(env)
-        super
-        @symbolized_path_params = nil
-      end
+      PARAMETERS_KEY = 'action_dispatch.request.path_parameters'
 
       # Returns both GET and POST \parameters in a single hash.
       def parameters
@@ -24,14 +21,13 @@ module ActionDispatch
       alias :params :parameters
 
       def path_parameters=(parameters) #:nodoc:
-        @symbolized_path_params = nil
-        @env.delete("action_dispatch.request.parameters")
-        @env["action_dispatch.request.path_parameters"] = parameters
+        @env.delete('action_dispatch.request.parameters')
+        @env[PARAMETERS_KEY] = parameters
       end
 
       # The same as <tt>path_parameters</tt> with explicitly symbolized keys.
       def symbolized_path_parameters
-        @symbolized_path_params ||= path_parameters.symbolize_keys
+        path_parameters
       end
 
       # Returns a hash with the \parameters used to form the \path of the request.
@@ -41,11 +37,7 @@ module ActionDispatch
       #
       # See <tt>symbolized_path_parameters</tt> for symbolized keys.
       def path_parameters
-        @env["action_dispatch.request.path_parameters"] ||= {}
-      end
-
-      def reset_parameters #:nodoc:
-        @env.delete("action_dispatch.request.parameters")
+        @env[PARAMETERS_KEY] ||= {}
       end
 
     private
diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index daa06e96e6..dfe258e463 100644
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -53,6 +53,17 @@ module ActionDispatch
       @uuid              = nil
     end
 
+    def check_path_parameters!
+      # If any of the path parameters has an invalid encoding then
+      # raise since it's likely to trigger errors further on.
+      path_parameters.each do |key, value|
+        next unless value.respond_to?(:valid_encoding?)
+        unless value.valid_encoding?
+          raise ActionController::BadRequest, "Invalid parameter: #{key} => #{value}"
+        end
+      end
+    end
+
     def key?(key)
       @env.key?(key)
     end
@@ -64,6 +75,7 @@ module ActionDispatch
     # Ordered Collections Protocol (WebDAV) (http://www.ietf.org/rfc/rfc3648.txt)
     # Web Distributed Authoring and Versioning (WebDAV) Access Control Protocol (http://www.ietf.org/rfc/rfc3744.txt)
     # Web Distributed Authoring and Versioning (WebDAV) SEARCH (http://www.ietf.org/rfc/rfc5323.txt)
+    # Calendar Extensions to WebDAV (http://www.ietf.org/rfc/rfc4791.txt)
     # PATCH Method for HTTP (http://www.ietf.org/rfc/rfc5789.txt)
     RFC2616 = %w(OPTIONS GET HEAD POST PUT DELETE TRACE CONNECT)
     RFC2518 = %w(PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK)
@@ -71,9 +83,10 @@ module ActionDispatch
     RFC3648 = %w(ORDERPATCH)
     RFC3744 = %w(ACL)
     RFC5323 = %w(SEARCH)
+    RFC4791 = %w(MKCALENDAR)
     RFC5789 = %w(PATCH)
 
-    HTTP_METHODS = RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC5789
+    HTTP_METHODS = RFC2616 + RFC2518 + RFC3253 + RFC3648 + RFC3744 + RFC5323 + RFC4791 + RFC5789
 
     HTTP_METHOD_LOOKUP = {}
 
diff --git a/actionpack/lib/action_dispatch/http/response.rb b/actionpack/lib/action_dispatch/http/response.rb
index 3d27ff2b24..eaea93b730 100644
--- a/actionpack/lib/action_dispatch/http/response.rb
+++ b/actionpack/lib/action_dispatch/http/response.rb
@@ -296,6 +296,9 @@ module ActionDispatch # :nodoc:
       cookies
     end
 
+    def _status_code
+      @status
+    end
   private
 
     def before_committed
diff --git a/actionpack/lib/action_dispatch/http/url.rb b/actionpack/lib/action_dispatch/http/url.rb
index 278f534380..4cba4f5f37 100644
--- a/actionpack/lib/action_dispatch/http/url.rb
+++ b/actionpack/lib/action_dispatch/http/url.rb
@@ -30,19 +30,19 @@ module ActionDispatch
         end
 
         def url_for(options)
+          unless options[:host] || options[:only_path]
+            raise ArgumentError, 'Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true'
+          end
+
           path  = options[:script_name].to_s.chomp("/")
           path << options[:path].to_s
 
-          result = build_host_url(options)
+          add_trailing_slash(path) if options[:trailing_slash]
 
-          if options[:trailing_slash]
-            if path.include?('?')
-              result << path.sub(/\?/, '/\&')
-            else
-              result << path.sub(/[^\/]\z|\A\z/, '\&/')
-            end
-          else
-            result << path
+          result = path
+
+          unless options[:only_path]
+            result.prepend build_host_url(options)
           end
 
           if options.key? :params
@@ -60,29 +60,38 @@ module ActionDispatch
 
         private
 
+        def add_trailing_slash(path)
+          # includes querysting
+          if path.include?('?')
+            path.sub!(/\?/, '/\&')
+          # does not have a .format
+          elsif !path.include?(".")
+            path.sub!(/[^\/]\z|\A\z/, '\&/')
+          end
+
+          path
+        end
+
         def build_host_url(options)
-          unless options[:host] || options[:only_path]
-            raise ArgumentError, 'Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true'
+          if match = options[:host].match(HOST_REGEXP)
+            options[:protocol] ||= match[1] unless options[:protocol] == false
+            options[:host]       = match[2]
+            options[:port]       = match[3] unless options.key?(:port)
           end
 
-          result = ""
+          options[:protocol] = normalize_protocol(options)
+          options[:host]     = normalize_host(options)
+          options[:port]     = normalize_port(options)
 
-          unless options[:only_path]
-            if match = options[:host].match(HOST_REGEXP)
-              options[:protocol] ||= match[1] unless options[:protocol] == false
-              options[:host]       = match[2]
-              options[:port]       = match[3] unless options.key?(:port)
-            end
-
-            options[:protocol] = normalize_protocol(options)
-            options[:host]     = normalize_host(options)
-            options[:port]     = normalize_port(options)
-
-            result << options[:protocol]
-            result << rewrite_authentication(options)
-            result << options[:host]
-            result << ":#{options[:port]}" if options[:port]
+          result = options[:protocol]
+
+          if options[:user] && options[:password]
+            result << "#{Rack::Utils.escape(options[:user])}:#{Rack::Utils.escape(options[:password])}@"
           end
+
+          result << options[:host]
+          result << ":#{options[:port]}" if options[:port]
+
           result
         end
 
@@ -94,14 +103,6 @@ module ActionDispatch
           (options[:subdomain] == true || !options.key?(:subdomain)) && options[:domain].nil?
         end
 
-        def rewrite_authentication(options)
-          if options[:user] && options[:password]
-            "#{Rack::Utils.escape(options[:user])}:#{Rack::Utils.escape(options[:password])}@"
-          else
-            ""
-          end
-        end
-
         def normalize_protocol(options)
           case options[:protocol]
           when nil
@@ -136,7 +137,7 @@ module ActionDispatch
 
           case options[:protocol]
           when "//"
-            nil
+            options[:port]
           when "https://"
             options[:port].to_i == 443 ? nil : options[:port]
           else