3 files changed, 37 insertions, 36 deletions

diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index 642f155085..96bdf570af 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -346,28 +346,6 @@ module ActionDispatch
         @cookies.map { |k, v| "#{escape(k)}=#{escape(v)}" }.join "; "
       end
 
-      def handle_options(options) # :nodoc:
-        if options[:expires].respond_to?(:from_now)
-          options[:expires] = options[:expires].from_now
-        end
-
-        options[:path] ||= "/"
-
-        if options[:domain] == :all || options[:domain] == "all"
-          # If there is a provided tld length then we use it otherwise default domain regexp.
-          domain_regexp = options[:tld_length] ? /([^.]+\.?){#{options[:tld_length]}}$/ : DOMAIN_REGEXP
-
-          # If host is not ip and matches domain regexp.
-          # (ip confirms to domain regexp so we explicitly check for ip)
-          options[:domain] = if (request.host !~ /^[\d.]+$/) && (request.host =~ domain_regexp)
-            ".#{$&}"
-          end
-        elsif options[:domain].is_a? Array
-          # If host matches one of the supplied domains without a dot in front of it.
-          options[:domain] = options[:domain].find { |domain| request.host.include? domain.sub(/^\./, "") }
-        end
-      end
-
       # Sets the cookie named +name+. The second argument may be the cookie's
       # value or a hash of options as documented above.
       def []=(name, options)
@@ -447,6 +425,28 @@ module ActionDispatch
         def write_cookie?(cookie)
           request.ssl? || !cookie[:secure] || always_write_cookie
         end
+
+        def handle_options(options)
+          if options[:expires].respond_to?(:from_now)
+            options[:expires] = options[:expires].from_now
+          end
+
+          options[:path] ||= "/"
+
+          if options[:domain] == :all || options[:domain] == "all"
+            # If there is a provided tld length then we use it otherwise default domain regexp.
+            domain_regexp = options[:tld_length] ? /([^.]+\.?){#{options[:tld_length]}}$/ : DOMAIN_REGEXP
+
+            # If host is not ip and matches domain regexp.
+            # (ip confirms to domain regexp so we explicitly check for ip)
+            options[:domain] = if !request.host.match?(/^[\d.]+$/) && (request.host =~ domain_regexp)
+              ".#{$&}"
+            end
+          elsif options[:domain].is_a? Array
+            # If host matches one of the supplied domains without a dot in front of it.
+            options[:domain] = options[:domain].find { |domain| request.host.include? domain.sub(/^\./, "") }
+          end
+        end
     end
 
     class AbstractCookieJar # :nodoc:
diff --git a/actionpack/lib/action_dispatch/middleware/ssl.rb b/actionpack/lib/action_dispatch/middleware/ssl.rb
index 00902ede21..34b213d14e 100644
--- a/actionpack/lib/action_dispatch/middleware/ssl.rb
+++ b/actionpack/lib/action_dispatch/middleware/ssl.rb
@@ -13,7 +13,7 @@ module ActionDispatch
   #
   #    Requests can opt-out of redirection with +exclude+:
   #
-  #      config.ssl_options = { redirect: { exclude: -> request { request.path =~ /healthcheck/ } } }
+  #      config.ssl_options = { redirect: { exclude: -> request { /healthcheck/.match?(request.path) } } }
   #
   #    Cookies will not be flagged as secure for excluded requests.
   #
diff --git a/actionpack/lib/action_dispatch/middleware/static.rb b/actionpack/lib/action_dispatch/middleware/static.rb
index 1f2f7757a3..eddcdbaeac 100644
--- a/actionpack/lib/action_dispatch/middleware/static.rb
+++ b/actionpack/lib/action_dispatch/middleware/static.rb
@@ -32,18 +32,13 @@ module ActionDispatch
       return false unless ::Rack::Utils.valid_path? path
       path = ::Rack::Utils.clean_path_info path
 
-      paths = [path, "#{path}#{ext}", "#{path}/#{@index}#{ext}"]
+      return ::Rack::Utils.escape_path(path).b if file_readable?(path)
 
-      if match = paths.detect { |p|
-        path = File.join(@root, p.b)
-        begin
-          File.file?(path) && File.readable?(path)
-        rescue SystemCallError
-          false
-        end
-      }
-        return ::Rack::Utils.escape_path(match).b
-      end
+      path_with_ext = path + ext
+      return ::Rack::Utils.escape_path(path_with_ext).b if file_readable?(path_with_ext)
+
+      path << "/" << @index << ext
+      return ::Rack::Utils.escape_path(path).b if file_readable?(path)
     end
 
     def call(env)
@@ -83,11 +78,11 @@ module ActionDispatch
       end
 
       def gzip_encoding_accepted?(request)
-        request.accept_encoding.any? { |enc, quality| enc =~ /\bgzip\b/i }
+        request.accept_encoding.any? { |enc, quality| /\bgzip\b/i.match?(enc) }
       end
 
       def gzip_file_path(path)
-        can_gzip_mime = content_type(path) =~ /\A(?:text\/|application\/javascript)/
+        can_gzip_mime = /\A(?:text\/|application\/javascript)/.match?(content_type(path))
         gzip_path     = "#{path}.gz"
         if can_gzip_mime && File.exist?(File.join(@root, ::Rack::Utils.unescape_path(gzip_path)))
           gzip_path
@@ -95,6 +90,12 @@ module ActionDispatch
           false
         end
       end
+
+      def file_readable?(path)
+        file_path = File.join(@root, path.b)
+        File.file?(file_path) && File.readable?(file_path)
+      rescue SystemCallError
+      end
   end
 
   # This middleware will attempt to return the contents of a file's body from