7 files changed, 61 insertions, 80 deletions

diff --git a/actionpack/lib/action_dispatch/middleware/callbacks.rb b/actionpack/lib/action_dispatch/middleware/callbacks.rb
index f80df78582..c782779b34 100644
--- a/actionpack/lib/action_dispatch/middleware/callbacks.rb
+++ b/actionpack/lib/action_dispatch/middleware/callbacks.rb
@@ -7,7 +7,16 @@ module ActionDispatch
     define_callbacks :call
 
     class << self
-      delegate :to_prepare, :to_cleanup, :to => "ActionDispatch::Reloader"
+      def to_prepare(*args, &block)
+        ActiveSupport::Reloader.to_prepare(*args, &block)
+      end
+
+      def to_cleanup(*args, &block)
+        ActiveSupport::Reloader.to_complete(*args, &block)
+      end
+
+      deprecate to_prepare: 'use ActiveSupport::Reloader.to_prepare instead',
+        to_cleanup: 'use ActiveSupport::Reloader.to_complete instead'
 
       def before(*args, &block)
         set_callback(:call, :before, *args, &block)
diff --git a/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb b/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb
index 3b61824cc9..59edc66086 100644
--- a/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb
+++ b/actionpack/lib/action_dispatch/middleware/exception_wrapper.rb
@@ -1,4 +1,3 @@
-require 'action_controller/metal/exceptions'
 require 'active_support/core_ext/module/attribute_accessors'
 require 'rack/utils'
 
diff --git a/actionpack/lib/action_dispatch/middleware/executor.rb b/actionpack/lib/action_dispatch/middleware/executor.rb
new file mode 100644
index 0000000000..06245b403b
--- /dev/null
+++ b/actionpack/lib/action_dispatch/middleware/executor.rb
@@ -0,0 +1,19 @@
+require 'rack/body_proxy'
+
+module ActionDispatch
+  class Executor
+    def initialize(app, executor)
+      @app, @executor = app, executor
+    end
+
+    def call(env)
+      state = @executor.run!
+      begin
+        response = @app.call(env)
+        returned = response << ::Rack::BodyProxy.new(response.pop) { state.complete! }
+      ensure
+        state.complete! unless returned
+      end
+    end
+  end
+end
diff --git a/actionpack/lib/action_dispatch/middleware/load_interlock.rb b/actionpack/lib/action_dispatch/middleware/load_interlock.rb
deleted file mode 100644
index 07f498319c..0000000000
--- a/actionpack/lib/action_dispatch/middleware/load_interlock.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-require 'active_support/dependencies'
-require 'rack/body_proxy'
-
-module ActionDispatch
-  class LoadInterlock
-    def initialize(app)
-      @app = app
-    end
-
-    def call(env)
-      interlock = ActiveSupport::Dependencies.interlock
-      interlock.start_running
-      response = @app.call(env)
-      body = Rack::BodyProxy.new(response[2]) { interlock.done_running }
-      response[2] = body
-      response
-    ensure
-      interlock.done_running unless body
-    end
-  end
-end
diff --git a/actionpack/lib/action_dispatch/middleware/params_parser.rb b/actionpack/lib/action_dispatch/middleware/params_parser.rb
index c2a4f46e67..5841c978af 100644
--- a/actionpack/lib/action_dispatch/middleware/params_parser.rb
+++ b/actionpack/lib/action_dispatch/middleware/params_parser.rb
@@ -37,6 +37,7 @@ module ActionDispatch
     # The +parsers+ argument can take Hash of parsers where key is identifying
     # content mime type, and value is a lambda that is going to process data.
     def self.new(app, parsers = {})
+      parsers = parsers.transform_keys { |key| key.respond_to?(:symbol) ? key.symbol : key }
       ActionDispatch::Request.parameter_parsers = ActionDispatch::Request::DEFAULT_PARSERS.merge(parsers)
       app
     end
diff --git a/actionpack/lib/action_dispatch/middleware/reloader.rb b/actionpack/lib/action_dispatch/middleware/reloader.rb
index af9a29eb07..112bde6596 100644
--- a/actionpack/lib/action_dispatch/middleware/reloader.rb
+++ b/actionpack/lib/action_dispatch/middleware/reloader.rb
@@ -23,74 +23,32 @@ module ActionDispatch
   # middleware stack, but are executed only when <tt>ActionDispatch::Reloader.prepare!</tt>
   # or <tt>ActionDispatch::Reloader.cleanup!</tt> are called manually.
   #
-  class Reloader
-    include ActiveSupport::Callbacks
-    include ActiveSupport::Deprecation::Reporting
-
-    define_callbacks :prepare
-    define_callbacks :cleanup
-
-    # Add a prepare callback. Prepare callbacks are run before each request, prior
-    # to ActionDispatch::Callback's before callbacks.
+  class Reloader < Executor
     def self.to_prepare(*args, &block)
-      unless block_given?
-        warn "to_prepare without a block is deprecated. Please use a block"
-      end
-      set_callback(:prepare, *args, &block)
+      ActiveSupport::Reloader.to_prepare(*args, &block)
     end
 
-    # Add a cleanup callback. Cleanup callbacks are run after each request is
-    # complete (after #close is called on the response body).
     def self.to_cleanup(*args, &block)
-      unless block_given?
-        warn "to_cleanup without a block is deprecated. Please use a block"
-      end
-      set_callback(:cleanup, *args, &block)
+      ActiveSupport::Reloader.to_complete(*args, &block)
     end
 
-    # Execute all prepare callbacks.
     def self.prepare!
-      new(nil).prepare!
+      default_reloader.prepare!
     end
 
-    # Execute all cleanup callbacks.
     def self.cleanup!
-      new(nil).cleanup!
-    end
-
-    def initialize(app, condition=nil)
-      @app = app
-      @condition = condition || lambda { true }
-      @validated = true
+      default_reloader.reload!
     end
 
-    def call(env)
-      @validated = @condition.call
-      prepare!
-
-      response = @app.call(env)
-      response[2] = ::Rack::BodyProxy.new(response[2]) { cleanup! }
+    class << self
+      attr_accessor :default_reloader # :nodoc:
 
-      response
-    rescue Exception
-      cleanup!
-      raise
+      deprecate to_prepare: 'use ActiveSupport::Reloader.to_prepare instead',
+        to_cleanup: 'use ActiveSupport::Reloader.to_complete instead',
+        prepare!: 'use Rails.application.reloader.prepare! instead',
+        cleanup!: 'use Rails.application.reloader.reload! instead of cleanup + prepare'
     end
 
-    def prepare! #:nodoc:
-      run_callbacks :prepare if validated?
-    end
-
-    def cleanup! #:nodoc:
-      run_callbacks :cleanup if validated?
-    ensure
-      @validated = true
-    end
-
-    private
-
-    def validated? #:nodoc:
-      @validated
-    end
+    self.default_reloader = ActiveSupport::Reloader
   end
 end
diff --git a/actionpack/lib/action_dispatch/middleware/ssl.rb b/actionpack/lib/action_dispatch/middleware/ssl.rb
index 735b5939dd..ab3077b308 100644
--- a/actionpack/lib/action_dispatch/middleware/ssl.rb
+++ b/actionpack/lib/action_dispatch/middleware/ssl.rb
@@ -23,7 +23,7 @@ module ActionDispatch
   #     preload lists is `18.weeks`.
   #   * `subdomains`: Set to `true` to tell the browser to apply these settings
   #     to all subdomains. This protects your cookies from interception by a
-  #     vulnerable site on a subdomain. Defaults to `false`.
+  #     vulnerable site on a subdomain. Defaults to `true`.
   #   * `preload`: Advertise that this site may be included in browsers'
   #     preloaded HSTS lists. HSTS protects your site on every visit *except the
   #     first visit* since it hasn't seen your HSTS header yet. To close this
@@ -34,6 +34,10 @@ module ActionDispatch
   # original HSTS directive until it expires. Instead, use the header to tell browsers to
   # expire HSTS immediately. Setting `hsts: false` is a shortcut for
   # `hsts: { expires: 0 }`.
+  #
+  # Requests can opt-out of redirection with `exclude`:
+  #
+  #    config.ssl_options = { redirect: { exclude: -> request { request.path =~ /healthcheck/ } } }
   class SSL
     # Default to 180 days, the low end for https://www.ssllabs.com/ssltest/
     # and greater than the 18-week requirement for browser preload lists.
@@ -49,14 +53,26 @@ module ActionDispatch
       if options[:host] || options[:port]
         ActiveSupport::Deprecation.warn <<-end_warning.strip_heredoc
           The `:host` and `:port` options are moving within `:redirect`:
-          `config.ssl_options = { redirect: { host: …, port: … }}`.
+          `config.ssl_options = { redirect: { host: …, port: … } }`.
         end_warning
         @redirect = options.slice(:host, :port)
       else
         @redirect = redirect
       end
 
+      @exclude = @redirect && @redirect[:exclude] || proc { !@redirect }
       @secure_cookies = secure_cookies
+
+      if hsts != true && hsts != false && hsts[:subdomains].nil?
+        hsts[:subdomains] = false
+
+        ActiveSupport::Deprecation.warn <<-end_warning.strip_heredoc
+          In Rails 5.1, The `:subdomains` option of HSTS config will be treated as true if
+          unspecified. Set `config.ssl_options = { hsts: { subdomains: false } }` to opt out
+          of this behavior.
+        end_warning
+      end
+
       @hsts_header = build_hsts_header(normalize_hsts_options(hsts))
     end
 
@@ -69,7 +85,7 @@ module ActionDispatch
           flag_cookies_as_secure! headers if @secure_cookies
         end
       else
-        return redirect_to_https request if @redirect
+        return redirect_to_https request unless @exclude.call(request)
         @app.call(env)
       end
     end