11 files changed, 63 insertions, 41 deletions
diff --git a/actionpack/test/controller/caching_test.rb b/actionpack/test/controller/caching_test.rb
index 754ac144cc..7faf3cd8c6 100644
--- a/actionpack/test/controller/caching_test.rb
+++ b/actionpack/test/controller/caching_test.rb
@@ -219,12 +219,15 @@ CACHED
   end
 
   def test_fragment_caching_with_options
+    time = Time.now
     get :fragment_cached_with_options
     assert_response :success
     expected_body = "<body>\n<p>ERB</p>\n</body>\n"
 
     assert_equal expected_body, @response.body
-    assert_equal "<p>ERB</p>", @store.read("views/with_options")
+    Time.stub(:now, time + 11) do
+      assert_nil @store.read("views/with_options")
+    end
   end
 
   def test_render_inline_before_fragment_caching
diff --git a/actionpack/test/controller/flash_hash_test.rb b/actionpack/test/controller/flash_hash_test.rb
index 081288ef21..f87077dd86 100644
--- a/actionpack/test/controller/flash_hash_test.rb
+++ b/actionpack/test/controller/flash_hash_test.rb
@@ -57,10 +57,10 @@ module ActionDispatch
 
     def test_to_session_value
       @hash['foo'] = 'bar'
-      assert_equal({'flashes' => {'foo' => 'bar'}}, @hash.to_session_value)
+      assert_equal({ 'discard' => [], 'flashes' => { 'foo' => 'bar' } }, @hash.to_session_value)
 
       @hash.now['qux'] = 1
-      assert_equal({'flashes' => {'foo' => 'bar'}}, @hash.to_session_value)
+      assert_equal({ 'flashes' => { 'foo' => 'bar' }, 'discard' => [] }, @hash.to_session_value)
 
       @hash.discard('foo')
       assert_equal(nil, @hash.to_session_value)
diff --git a/actionpack/test/controller/helper_test.rb b/actionpack/test/controller/helper_test.rb
index feb882a2b3..ef85e141a0 100644
--- a/actionpack/test/controller/helper_test.rb
+++ b/actionpack/test/controller/helper_test.rb
@@ -207,6 +207,22 @@ class HelperTest < ActiveSupport::TestCase
     assert methods.include?(:foobar)
   end
 
+  def test_helper_proxy_in_instance
+    methods = AllHelpersController.new.helpers.methods
+
+    # Action View
+    assert_includes methods, :pluralize
+
+    # abc_helper.rb
+    assert_includes methods, :bare_a
+
+    # fun/games_helper.rb
+    assert_includes methods, :stratego
+
+    # fun/pdf_helper.rb
+    assert_includes methods, :foobar
+  end
+
   def test_helper_proxy_config
     AllHelpersController.config.my_var = 'smth'
 
diff --git a/actionpack/test/controller/integration_test.rb b/actionpack/test/controller/integration_test.rb
index ad7166bafa..97571c1308 100644
--- a/actionpack/test/controller/integration_test.rb
+++ b/actionpack/test/controller/integration_test.rb
@@ -35,7 +35,7 @@ class SessionTest < ActiveSupport::TestCase
     path = "/somepath"; args = {:id => '1'}; headers = {"X-Test-Header" => "testvalue"}
     assert_called_with @session, :process, [:put, path, params: args, headers: headers] do
       @session.stub :redirect?, false do
-        @session.request_via_redirect(:put, path, params: args, headers: headers)
+        assert_deprecated { @session.request_via_redirect(:put, path, params: args, headers: headers) }
       end
     end
   end
@@ -54,7 +54,7 @@ class SessionTest < ActiveSupport::TestCase
     value_series = [true, true, false]
     assert_called @session, :follow_redirect!, times: 2 do
       @session.stub :redirect?, ->{ value_series.shift } do
-        @session.request_via_redirect(:get, path, params: args, headers: headers)
+        assert_deprecated { @session.request_via_redirect(:get, path, params: args, headers: headers) }
       end
     end
   end
@@ -63,7 +63,9 @@ class SessionTest < ActiveSupport::TestCase
     path = "/somepath"; args = {:id => '1'}; headers = {"X-Test-Header" => "testvalue"}
     @session.stub :redirect?, false do
       @session.stub :status, 200 do
-        assert_equal 200, @session.request_via_redirect(:get, path, params: args, headers: headers)
+        assert_deprecated do
+          assert_equal 200, @session.request_via_redirect(:get, path, params: args, headers: headers)
+        end
       end
     end
   end
diff --git a/actionpack/test/controller/live_stream_test.rb b/actionpack/test/controller/live_stream_test.rb
index a7759c080b..5977124594 100644
--- a/actionpack/test/controller/live_stream_test.rb
+++ b/actionpack/test/controller/live_stream_test.rb
@@ -246,7 +246,8 @@ module ActionController
 
     def assert_stream_closed
       assert response.stream.closed?, 'stream should be closed'
-      assert response.sent?, 'stream should be sent'
+      assert response.committed?,     'response should be committed'
+      assert response.sent?,          'response should be sent'
     end
 
     def capture_log_output
diff --git a/actionpack/test/controller/parameters/parameters_permit_test.rb b/actionpack/test/controller/parameters/parameters_permit_test.rb
index 96048e2868..b75eb0e3bf 100644
--- a/actionpack/test/controller/parameters/parameters_permit_test.rb
+++ b/actionpack/test/controller/parameters/parameters_permit_test.rb
@@ -360,4 +360,13 @@ class ParametersPermitTest < ActiveSupport::TestCase
     assert @params.include? 'person'
     assert_not @params.include? :gorilla
   end
+
+  test "scalar values should be filtered when array or hash is specified" do
+    params = ActionController::Parameters.new(foo: "bar")
+
+    assert params.permit(:foo).has_key?(:foo)
+    refute params.permit(foo: []).has_key?(:foo)
+    refute params.permit(foo: [:bar]).has_key?(:foo)
+    refute params.permit(foo: :bar).has_key?(:foo)
+  end
 end
diff --git a/actionpack/test/controller/redirect_test.rb b/actionpack/test/controller/redirect_test.rb
index e10d4449f3..f83248402c 100644
--- a/actionpack/test/controller/redirect_test.rb
+++ b/actionpack/test/controller/redirect_test.rb
@@ -176,7 +176,6 @@ class RedirectTest < ActionController::TestCase
     assert_equal "http://www.example.com", redirect_to_url
   end
 
-
   def test_relative_url_redirect_with_status
     get :relative_url_redirect_with_status
     assert_response 302
@@ -313,7 +312,7 @@ class RedirectTest < ActionController::TestCase
     error = assert_raise(ArgumentError) do
       get :redirect_to_params
     end
-    assert_equal "Generating a URL from non sanitized request parameters is insecure!", error.message
+    assert_equal ActionDispatch::Routing::INSECURE_URL_PARAMETERS_MESSAGE, error.message
   end
 
   def test_redirect_to_with_block
diff --git a/actionpack/test/controller/renderer_test.rb b/actionpack/test/controller/renderer_test.rb
index 16d24fa82a..372c09bc23 100644
--- a/actionpack/test/controller/renderer_test.rb
+++ b/actionpack/test/controller/renderer_test.rb
@@ -87,6 +87,14 @@ class RendererTest < ActiveSupport::TestCase
     assert_equal "<p>1\n<br />2</p>", render[inline: '<%= simple_format "1\n2" %>']
   end
 
+  test 'rendering with user specified defaults' do
+    ApplicationController.renderer.defaults.merge!({ hello: 'hello', https: true })
+    renderer = ApplicationController.renderer.new
+    content = renderer.render inline: '<%= request.ssl? %>'
+
+    assert_equal 'true', content
+  end
+
   private
     def render
       @render ||= ApplicationController.renderer.method(:render)
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index f7dcbc1984..d56241f9cd 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -781,6 +781,19 @@ class PerFormTokensControllerTest < ActionController::TestCase
     assert_response :success
   end
 
+  def test_ignores_origin_during_generation
+    get :index, params: {form_path: 'https://example.com/per_form_tokens/post_one/'}
+
+    form_token = assert_presence_and_fetch_form_csrf_token
+
+    # This is required because PATH_INFO isn't reset between requests.
+    @request.env['PATH_INFO'] = '/per_form_tokens/post_one'
+    assert_nothing_raised do
+      post :post_one, params: {custom_authenticity_token: form_token}
+    end
+    assert_response :success
+  end
+
   def test_ignores_trailing_slash_during_validation
     get :index
 
diff --git a/actionpack/test/controller/rescue_test.rb b/actionpack/test/controller/rescue_test.rb
index ed78f859ce..c088e5a043 100644
--- a/actionpack/test/controller/rescue_test.rb
+++ b/actionpack/test/controller/rescue_test.rb
@@ -131,22 +131,6 @@ class RescueController < ActionController::Base
   def missing_template
   end
 
-  def io_error_in_view
-    begin
-      raise IOError.new('this is io error')
-    rescue
-      raise ActionView::TemplateError.new(nil)
-    end
-  end
-
-  def zero_division_error_in_view
-    begin
-      raise ZeroDivisionError.new('this is zero division error')
-    rescue
-      raise ActionView::TemplateError.new(nil)
-    end
-  end
-
   def exception_with_more_specific_handler_for_wrapper
     raise RecordInvalid
   rescue
@@ -251,17 +235,6 @@ class ControllerInheritanceRescueControllerTest < ActionController::TestCase
 end
 
 class RescueControllerTest < ActionController::TestCase
-
-  def test_io_error_in_view
-    get :io_error_in_view
-    assert_equal 'io error', @response.body
-  end
-
-  def test_zero_division_error_in_view
-    get :zero_division_error_in_view
-    assert_equal 'action_view templater error', @response.body
-  end
-
   def test_rescue_handler
     get :not_authorized
     assert_response :forbidden
@@ -276,7 +249,6 @@ class RescueControllerTest < ActionController::TestCase
       get :record_invalid
     end
   end
-
   def test_rescue_handler_with_argument_as_string
     assert_called_with @controller, :show_errors, [Exception] do
       get :record_invalid_raise_as_string
@@ -314,7 +286,6 @@ class RescueControllerTest < ActionController::TestCase
     get :resource_unavailable
     assert_equal "RescueController::ResourceUnavailable", @response.body
   end
-
   def test_block_rescue_handler_with_argument_as_string
     get :resource_unavailable_raise_as_string
     assert_equal "RescueController::ResourceUnavailableToRescueAsString", @response.body
@@ -322,7 +293,7 @@ class RescueControllerTest < ActionController::TestCase
 
   test 'rescue when wrapper has more specific handler than cause' do
     get :exception_with_more_specific_handler_for_wrapper
-    assert_response :unprocessable_entity
+    assert_response :forbidden
   end
 
   test 'rescue when cause has more specific handler than wrapper' do
diff --git a/actionpack/test/controller/routing_test.rb b/actionpack/test/controller/routing_test.rb
index c477b4156c..168677829a 100644
--- a/actionpack/test/controller/routing_test.rb
+++ b/actionpack/test/controller/routing_test.rb
@@ -2064,11 +2064,11 @@ class RackMountIntegrationTests < ActiveSupport::TestCase
   def test_extras
     params = {:controller => 'people'}
     assert_equal [], @routes.extra_keys(params)
-    assert_equal({:controller => 'people'}, params)
+    assert_equal({:controller => 'people', :action => 'index'}, params)
 
     params = {:controller => 'people', :foo => 'bar'}
     assert_equal [:foo], @routes.extra_keys(params)
-    assert_equal({:controller => 'people', :foo => 'bar'}, params)
+    assert_equal({:controller => 'people', :action => 'index', :foo => 'bar'}, params)
 
     params = {:controller => 'people', :action => 'create', :person => { :name => 'Josh'}}
     assert_equal [:person], @routes.extra_keys(params)