11 files changed, 64 insertions, 58 deletions

diff --git a/actionpack/lib/action_dispatch/http/mime_type.rb b/actionpack/lib/action_dispatch/http/mime_type.rb
index f29ad359ac..61dbf2b96c 100644
--- a/actionpack/lib/action_dispatch/http/mime_type.rb
+++ b/actionpack/lib/action_dispatch/http/mime_type.rb
@@ -53,10 +53,6 @@ module Mime
     @@html_types = Set.new [:html, :all]
     cattr_reader :html_types
 
-    # These are the content types which browsers can generate without using ajax, flash, etc
-    # i.e. following a link, getting an image or posting a form. CSRF protection
-    # only needs to protect against these types.
-    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text]
     attr_reader :symbol
 
     @register_callbacks = []
@@ -272,18 +268,6 @@ module Mime
       end
     end
 
-    # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See
-    # ActionController::RequestForgeryProtection.
-    def verify_request?
-      ActiveSupport::Deprecation.warn "Mime::Type#verify_request? is deprecated and will be removed in Rails 4.1"
-      @@browser_generated_types.include?(to_sym)
-    end
-
-    def self.browser_generated_types
-      ActiveSupport::Deprecation.warn "Mime::Type.browser_generated_types is deprecated and will be removed in Rails 4.1"
-      @@browser_generated_types
-    end
-
     def html?
       @@html_types.include?(to_sym) || @string =~ /html/
     end
diff --git a/actionpack/lib/action_dispatch/http/parameters.rb b/actionpack/lib/action_dispatch/http/parameters.rb
index 20c24ddd85..8e992070f1 100644
--- a/actionpack/lib/action_dispatch/http/parameters.rb
+++ b/actionpack/lib/action_dispatch/http/parameters.rb
@@ -64,17 +64,13 @@ module ActionDispatch
         end
 
         new_hash = {}
-        params.each do |k, v|
-          new_key = k.is_a?(String) ? k.dup.force_encoding(Encoding::UTF_8).encode! : k
-          new_hash[new_key] =
-            case v
-            when Hash
-              normalize_encode_params(v)
-            when Array
-              v.map! {|el| normalize_encode_params(el) }
-            else
-              normalize_encode_params(v)
-            end
+        params.each do |key, val|
+          new_key = key.is_a?(String) ? key.dup.force_encoding(Encoding::UTF_8).encode! : key
+          new_hash[new_key] = if val.is_a?(Array)
+            val.map! { |el| normalize_encode_params(el) }
+          else
+            normalize_encode_params(val)
+          end
         end
         new_hash.with_indifferent_access
       end
diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index ebd87c40b5..4ca1d35489 100644
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -22,6 +22,7 @@ module ActionDispatch
     include ActionDispatch::Http::URL
 
     autoload :Session, 'action_dispatch/request/session'
+    autoload :Utils,   'action_dispatch/request/utils'
 
     LOCALHOST   = Regexp.union [/^127\.0\.0\.\d{1,3}$/, /^::1$/, /^0:0:0:0:0:0:0:1(%.*)?$/]
 
@@ -299,26 +300,10 @@ module ActionDispatch
       LOCALHOST =~ remote_addr && LOCALHOST =~ remote_ip
     end
 
-    # Remove nils from the params hash
-    def deep_munge(hash)
-      hash.each do |k, v|
-        case v
-        when Array
-          v.grep(Hash) { |x| deep_munge(x) }
-          v.compact!
-          hash[k] = nil if v.empty?
-        when Hash
-          deep_munge(v)
-        end
-      end
-
-      hash
-    end
-
     protected
 
     def parse_query(qs)
-      deep_munge(super)
+      Utils.deep_munge(super)
     end
 
     private
diff --git a/actionpack/lib/action_dispatch/http/response.rb b/actionpack/lib/action_dispatch/http/response.rb
index 60a2cccdc5..5697282791 100644
--- a/actionpack/lib/action_dispatch/http/response.rb
+++ b/actionpack/lib/action_dispatch/http/response.rb
@@ -31,10 +31,17 @@ module ActionDispatch # :nodoc:
   #    end
   #  end
   class Response
-    attr_accessor :request, :header
+    # The request that the response is responding to.
+    attr_accessor :request
+
+    # The HTTP status code.
     attr_reader :status
+
     attr_writer :sending_file
 
+    # Get and set headers for this response.
+    attr_accessor :header
+    
     alias_method :headers=, :header=
     alias_method :headers,  :header
 
@@ -49,9 +56,12 @@ module ActionDispatch # :nodoc:
     # If a character set has been defined for this response (see charset=) then
     # the character set information will also be included in the content type
     # information.
-    attr_accessor :charset
     attr_reader   :content_type
 
+    # The charset of the response. HTML wants to know the encoding of the
+    # content you're giving them, so we need to send that along.
+    attr_accessor :charset
+
     CONTENT_TYPE = "Content-Type".freeze
     SET_COOKIE   = "Set-Cookie".freeze
     LOCATION     = "Location".freeze
@@ -93,6 +103,7 @@ module ActionDispatch # :nodoc:
       end
     end
 
+    # The underlying body, as a streamable object.
     attr_reader :stream
 
     def initialize(status = 200, header = {}, body = [])
@@ -142,6 +153,7 @@ module ActionDispatch # :nodoc:
       @status = Rack::Utils.status_code(status)
     end
 
+    # Sets the HTTP content type.
     def content_type=(content_type)
       @content_type = content_type.to_s
     end
@@ -216,11 +228,13 @@ module ActionDispatch # :nodoc:
       ::Rack::Utils.delete_cookie_header!(header, key, value)
     end
 
+    # The location header we'll be responding with.
     def location
       headers[LOCATION]
     end
     alias_method :redirect_url, :location
 
+    # Sets the location header we'll be responding with.
     def location=(url)
       headers[LOCATION] = url
     end
@@ -229,11 +243,13 @@ module ActionDispatch # :nodoc:
       stream.close if stream.respond_to?(:close)
     end
 
+    # Turns the Response into a Rack-compatible array of the status, headers,
+    # and body.
     def to_a
       rack_response @status, @header.to_hash
     end
     alias prepare! to_a
-    alias to_ary   to_a # For implicit splat on 1.9.2
+    alias to_ary   to_a
 
     # Returns the response cookies, converted to a Hash of (name => value) pairs
     #
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index 5b914f293d..d055acb296 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -77,7 +77,7 @@ module ActionDispatch
   #                       domain and subdomains.
   #
   # * <tt>:expires</tt> - The time at which this cookie expires, as a \Time object.
-  # * <tt>:secure</tt> - Whether this cookie is a only transmitted to HTTPS servers.
+  # * <tt>:secure</tt> - Whether this cookie is only transmitted to HTTPS servers.
   #   Default is +false+.
   # * <tt>:httponly</tt> - Whether this cookie is accessible via scripting or
   #   only HTTP. Defaults to +false+.
diff --git a/actionpack/lib/action_dispatch/middleware/params_parser.rb b/actionpack/lib/action_dispatch/middleware/params_parser.rb
index 0fa1e9b859..fb70b60ef6 100644
--- a/actionpack/lib/action_dispatch/middleware/params_parser.rb
+++ b/actionpack/lib/action_dispatch/middleware/params_parser.rb
@@ -43,7 +43,7 @@ module ActionDispatch
         when :json
           data = ActiveSupport::JSON.decode(request.body)
           data = {:_json => data} unless data.is_a?(Hash)
-          request.deep_munge(data).with_indifferent_access
+          Request::Utils.deep_munge(data).with_indifferent_access
         else
           false
         end
diff --git a/actionpack/lib/action_dispatch/railtie.rb b/actionpack/lib/action_dispatch/railtie.rb
index edf37bb9a5..2dfaab3587 100644
--- a/actionpack/lib/action_dispatch/railtie.rb
+++ b/actionpack/lib/action_dispatch/railtie.rb
@@ -20,8 +20,7 @@ module ActionDispatch
     config.action_dispatch.default_headers = {
       'X-Frame-Options' => 'SAMEORIGIN',
       'X-XSS-Protection' => '1; mode=block',
-      'X-Content-Type-Options' => 'nosniff',
-      'X-UA-Compatible' => 'chrome=1'
+      'X-Content-Type-Options' => 'nosniff'
     }
 
     config.eager_load_namespaces << ActionDispatch
diff --git a/actionpack/lib/action_dispatch/request/utils.rb b/actionpack/lib/action_dispatch/request/utils.rb
new file mode 100644
index 0000000000..8b43cdada8
--- /dev/null
+++ b/actionpack/lib/action_dispatch/request/utils.rb
@@ -0,0 +1,24 @@
+module ActionDispatch
+  class Request < Rack::Request
+    class Utils # :nodoc:
+      class << self
+        # Remove nils from the params hash
+        def deep_munge(hash)
+          hash.each do |k, v|
+            case v
+            when Array
+              v.grep(Hash) { |x| deep_munge(x) }
+              v.compact!
+              hash[k] = nil if v.empty?
+            when Hash
+              deep_munge(v)
+            end
+          end
+
+          hash
+        end
+      end
+    end
+  end
+end
+
diff --git a/actionpack/lib/action_dispatch/routing.rb b/actionpack/lib/action_dispatch/routing.rb
index 550c7d0e7b..a9ac2bce1d 100644
--- a/actionpack/lib/action_dispatch/routing.rb
+++ b/actionpack/lib/action_dispatch/routing.rb
@@ -246,11 +246,13 @@ module ActionDispatch
   # Target specific controllers by prefixing the command with <tt>CONTROLLER=x</tt>.
   #
   module Routing
-    autoload :Mapper, 'action_dispatch/routing/mapper'
-    autoload :RouteSet, 'action_dispatch/routing/route_set'
-    autoload :RoutesProxy, 'action_dispatch/routing/routes_proxy'
-    autoload :UrlFor, 'action_dispatch/routing/url_for'
-    autoload :PolymorphicRoutes, 'action_dispatch/routing/polymorphic_routes'
+    extend ActiveSupport::Autoload
+
+    autoload :Mapper
+    autoload :RouteSet
+    autoload :RoutesProxy
+    autoload :UrlFor
+    autoload :PolymorphicRoutes
 
     SEPARATORS = %w( / . ? ) #:nodoc:
     HTTP_METHODS = [:get, :head, :post, :patch, :put, :delete, :options] #:nodoc:
diff --git a/actionpack/lib/action_dispatch/routing/inspector.rb b/actionpack/lib/action_dispatch/routing/inspector.rb
index d251de33df..cffb814e1e 100644
--- a/actionpack/lib/action_dispatch/routing/inspector.rb
+++ b/actionpack/lib/action_dispatch/routing/inspector.rb
@@ -69,7 +69,7 @@ module ActionDispatch
       end
 
       def internal?
-        controller =~ %r{\Arails/(info|welcome)} || path =~ %r{\A#{Rails.application.config.assets.prefix}}
+        controller.to_s =~ %r{\Arails/(info|welcome)} || path =~ %r{\A#{Rails.application.config.assets.prefix}}
       end
 
       def engine?
diff --git a/actionpack/lib/action_dispatch/testing/integration.rb b/actionpack/lib/action_dispatch/testing/integration.rb
index 70b42ccd1b..1f899a434c 100644
--- a/actionpack/lib/action_dispatch/testing/integration.rb
+++ b/actionpack/lib/action_dispatch/testing/integration.rb
@@ -3,7 +3,7 @@ require 'uri'
 require 'active_support/core_ext/kernel/singleton_class'
 require 'active_support/core_ext/object/try'
 require 'rack/test'
-require 'minitest/unit'
+require 'minitest'
 
 module ActionDispatch
   module Integration #:nodoc: