5 files changed, 79 insertions, 55 deletions

diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index 8b8426b5aa..8560a6fc9c 100755
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -45,47 +45,65 @@ module ActionDispatch
     HTTP_METHODS = %w(get head put post delete options)
     HTTP_METHOD_LOOKUP = HTTP_METHODS.inject({}) { |h, m| h[m] = h[m.upcase] = m.to_sym; h }
 
-    # Returns the true HTTP request \method as a lowercase symbol, such as
-    # <tt>:get</tt>. If the request \method is not listed in the HTTP_METHODS
-    # constant above, an UnknownHttpMethod exception is raised.
+    # Returns the HTTP \method that the application should see.
+    # In the case where the \method was overridden by a middleware
+    # (for instance, if a HEAD request was converted to a GET,
+    # or if a _method parameter was used to determine the \method
+    # the application should use), this \method returns the overridden
+    # value, not the original.
     def request_method
-      method = env["rack.methodoverride.original_method"] || env["REQUEST_METHOD"]
+      method = env["REQUEST_METHOD"]
       HTTP_METHOD_LOOKUP[method] || raise(ActionController::UnknownHttpMethod, "#{method}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(:locale => :en)}")
+      method
+    end
+
+    # Returns a symbol form of the #request_method
+    def request_method_symbol
+      HTTP_METHOD_LOOKUP[request_method]
     end
 
-    # Returns the HTTP request \method used for action processing as a
-    # lowercase symbol, such as <tt>:post</tt>. (Unlike #request_method, this
-    # method returns <tt>:get</tt> for a HEAD request because the two are
-    # functionally equivalent from the application's perspective.)
+    # Returns the original value of the environment's REQUEST_METHOD,
+    # even if it was overridden by middleware. See #request_method for
+    # more information.
     def method
-      method = env["REQUEST_METHOD"]
+      method = env["rack.methodoverride.original_method"] || env['REQUEST_METHOD']
       HTTP_METHOD_LOOKUP[method] || raise(ActionController::UnknownHttpMethod, "#{method}, accepted HTTP methods are #{HTTP_METHODS.to_sentence(:locale => :en)}")
+      method
+    end
+
+    # Returns a symbol form of the #method
+    def method_symbol
+      HTTP_METHOD_LOOKUP[method]
     end
 
-    # Is this a GET (or HEAD) request?  Equivalent to <tt>request.method == :get</tt>.
+    # Is this a GET (or HEAD) request?
+    # Equivalent to <tt>request.request_method == :get</tt>.
     def get?
-      method == :get
+      HTTP_METHOD_LOOKUP[request_method] == :get
     end
 
-    # Is this a POST request?  Equivalent to <tt>request.method == :post</tt>.
+    # Is this a POST request?
+    # Equivalent to <tt>request.request_method == :post</tt>.
     def post?
-      method == :post
+      HTTP_METHOD_LOOKUP[request_method] == :post
     end
 
-    # Is this a PUT request?  Equivalent to <tt>request.method == :put</tt>.
+    # Is this a PUT request?
+    # Equivalent to <tt>request.request_method == :put</tt>.
     def put?
-      method == :put
+      HTTP_METHOD_LOOKUP[request_method] == :put
     end
 
-    # Is this a DELETE request?  Equivalent to <tt>request.method == :delete</tt>.
+    # Is this a DELETE request?
+    # Equivalent to <tt>request.request_method == :delete</tt>.
     def delete?
-      method == :delete
+      HTTP_METHOD_LOOKUP[request_method] == :delete
     end
 
-    # Is this a HEAD request? Since <tt>request.method</tt> sees HEAD as <tt>:get</tt>,
-    # this \method checks the actual HTTP \method directly.
+    # Is this a HEAD request?
+    # Equivalent to <tt>request.method == :head</tt>.
     def head?
-      request_method == :head
+      HTTP_METHOD_LOOKUP[method] == :head
     end
 
     # Provides access to the request's HTTP headers, for example:
@@ -96,7 +114,7 @@ module ActionDispatch
     end
 
     def forgery_whitelisted?
-      method == :get || xhr? || content_mime_type.nil? || !content_mime_type.verify_request?
+      get? || xhr? || content_mime_type.nil? || !content_mime_type.verify_request?
     end
 
     def media_type
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index cb0d12cab1..71dcac9e94 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -1,7 +1,7 @@
 module ActionDispatch
   class Request
-    def cookie_jar
-      env['action_dispatch.cookies'] ||= Cookies::CookieJar.build(self)
+    def cookie_jar(config = {})
+      env['action_dispatch.cookies'] ||= Cookies::CookieJar.build(self, config)
     end
   end
 
@@ -51,17 +51,18 @@ module ActionDispatch
   #   only HTTP. Defaults to +false+.
   class Cookies
     class CookieJar < Hash #:nodoc:
-      def self.build(request)
-        new.tap do |hash|
+      def self.build(request, config = {})
+        new(config).tap do |hash|
           hash.update(request.cookies)
         end
       end
 
-      def initialize
+      def initialize(config = {})
+        @config = config
         @set_cookies = {}
         @delete_cookies = {}
 
-        super
+        super()
       end
 
       # Returns the value of the cookie by +name+, or +nil+ if no such cookie exists.
@@ -111,7 +112,7 @@ module ActionDispatch
       #   cookies.permanent.signed[:remember_me] = current_user.id
       #   # => Set-Cookie: discount=BAhU--848956038e692d7046deab32b7131856ab20e14e; path=/; expires=Sun, 16-Dec-2029 03:24:16 GMT
       def permanent
-        @permanent ||= PermanentCookieJar.new(self)
+        @permanent ||= PermanentCookieJar.new(self, @config)
       end
 
       # Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from
@@ -119,7 +120,7 @@ module ActionDispatch
       # cookie was tampered with by the user (or a 3rd party), an ActiveSupport::MessageVerifier::InvalidSignature exception will
       # be raised.
       #
-      # This jar requires that you set a suitable secret for the verification on ActionController::Base.cookie_verifier_secret.
+      # This jar requires that you set a suitable secret for the verification on your app's config.cookie_secret.
       #
       # Example:
       #
@@ -128,7 +129,7 @@ module ActionDispatch
       #
       #   cookies.signed[:discount] # => 45
       def signed
-        @signed ||= SignedCookieJar.new(self)
+        @signed ||= SignedCookieJar.new(self, @config)
       end
 
       def write(response)
@@ -138,8 +139,9 @@ module ActionDispatch
     end
 
     class PermanentCookieJar < CookieJar #:nodoc:
-      def initialize(parent_jar)
+      def initialize(parent_jar, config = {})
         @parent_jar = parent_jar
+        @config = config
       end
 
       def []=(key, options)
@@ -154,11 +156,7 @@ module ActionDispatch
       end
 
       def signed
-        @signed ||= SignedCookieJar.new(self)
-      end
-
-      def controller
-        @parent_jar.controller
+        @signed ||= SignedCookieJar.new(self, @config)
       end
 
       def method_missing(method, *arguments, &block)
@@ -167,18 +165,16 @@ module ActionDispatch
     end
 
     class SignedCookieJar < CookieJar #:nodoc:
-      def initialize(parent_jar)
-        unless ActionController::Base.config.secret
-          raise "You must set ActionController::Base.config.secret"
-        end
-
+      def initialize(parent_jar, config = {})
+        raise 'Missing cookie signing secret' if config[:signing_secret].blank?
         @parent_jar = parent_jar
-        @verifier = ActiveSupport::MessageVerifier.new(ActionController::Base.config.secret)
+        @config = config
+        @verifier = ActiveSupport::MessageVerifier.new(config[:signing_secret])
       end
 
       def [](name)
-        if value = @parent_jar[name]
-          @verifier.verify(value)
+        if signed_message = @parent_jar[name]
+          @verifier.verify(signed_message)
         end
       end
 
diff --git a/actionpack/lib/action_dispatch/routing/mapper.rb b/actionpack/lib/action_dispatch/routing/mapper.rb
index 2c7ee7dad0..925e91f081 100644
--- a/actionpack/lib/action_dispatch/routing/mapper.rb
+++ b/actionpack/lib/action_dispatch/routing/mapper.rb
@@ -5,20 +5,20 @@ module ActionDispatch
   module Routing
     class Mapper
       class Constraints #:nodoc:
-        def self.new(app, constraints = [])
+        def self.new(app, constraints, request = Rack::Request)
           if constraints.any?
-            super(app, constraints)
+            super(app, constraints, request)
           else
             app
           end
         end
 
-        def initialize(app, constraints = [])
-          @app, @constraints = app, constraints
+        def initialize(app, constraints, request)
+          @app, @constraints, @request = app, constraints, request
         end
 
         def call(env)
-          req = Rack::Request.new(env)
+          req = @request.new(env)
 
           @constraints.each { |constraint|
             if constraint.respond_to?(:matches?) && !constraint.matches?(req)
@@ -83,7 +83,8 @@ module ActionDispatch
           def app
             Constraints.new(
               to.respond_to?(:call) ? to : Routing::RouteSet::Dispatcher.new(:defaults => defaults),
-              blocks
+              blocks,
+              @set.request_class
             )
           end
 
@@ -242,7 +243,11 @@ module ActionDispatch
 
           lambda do |env|
             req = Request.new(env)
-            uri = URI.parse(path_proc.call(req.symbolized_path_parameters))
+
+            params = [req.symbolized_path_parameters]
+            params << req if path_proc.arity > 1
+
+            uri = URI.parse(path_proc.call(*params))
             uri.scheme ||= req.scheme
             uri.host   ||= req.host
             uri.port   ||= req.port unless req.port == 80
diff --git a/actionpack/lib/action_dispatch/routing/route_set.rb b/actionpack/lib/action_dispatch/routing/route_set.rb
index c8e4371bb7..f1965f38b9 100644
--- a/actionpack/lib/action_dispatch/routing/route_set.rb
+++ b/actionpack/lib/action_dispatch/routing/route_set.rb
@@ -187,18 +187,19 @@ module ActionDispatch
 
       attr_accessor :routes, :named_routes
       attr_accessor :disable_clear_and_finalize, :resources_path_names
-      attr_accessor :default_url_options
+      attr_accessor :default_url_options, :request_class
 
       def self.default_resources_path_names
         { :new => 'new', :edit => 'edit' }
       end
 
-      def initialize
+      def initialize(request_class = ActionDispatch::Request)
         self.routes = []
         self.named_routes = NamedRouteCollection.new
         self.resources_path_names = self.class.default_resources_path_names.dup
         self.controller_namespaces = Set.new
         self.default_url_options = {}
+        self.request_class = request_class
 
         @disable_clear_and_finalize = false
         clear!
@@ -232,7 +233,10 @@ module ActionDispatch
         @finalized = false
         routes.clear
         named_routes.clear
-        @set = ::Rack::Mount::RouteSet.new(:parameters_key => PARAMETERS_KEY)
+        @set = ::Rack::Mount::RouteSet.new(
+          :parameters_key => PARAMETERS_KEY,
+          :request_class  => request_class
+        )
       end
 
       def install_helpers(destinations = [ActionController::Base, ActionView::Base], regenerate_code = false)
diff --git a/actionpack/lib/action_dispatch/testing/integration.rb b/actionpack/lib/action_dispatch/testing/integration.rb
index 031fa1dfb4..8d107d9aa5 100644
--- a/actionpack/lib/action_dispatch/testing/integration.rb
+++ b/actionpack/lib/action_dispatch/testing/integration.rb
@@ -266,11 +266,12 @@ module ActionDispatch
             "HTTP_ACCEPT"    => accept
           }
 
+          session = Rack::Test::Session.new(@mock_session)
+
           (rack_environment || {}).each do |key, value|
             env[key] = value
           end
 
-          session = Rack::Test::Session.new(@mock_session)
           session.request(path, env)
 
           @request_count += 1