13 files changed, 77 insertions, 26 deletions

diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 51cec82801..cc908dcc43 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -10,4 +10,5 @@
 
     *Julian Nadeau*
 
+
 Please check [5-1-stable](https://github.com/rails/rails/blob/5-1-stable/actionpack/CHANGELOG.md) for previous changes.
diff --git a/actionpack/lib/action_controller/metal/strong_parameters.rb b/actionpack/lib/action_controller/metal/strong_parameters.rb
index 7864f9decd..20330b5091 100644
--- a/actionpack/lib/action_controller/metal/strong_parameters.rb
+++ b/actionpack/lib/action_controller/metal/strong_parameters.rb
@@ -666,8 +666,8 @@ module ActionController
     # to key. If the key is not found, returns the default value. If the
     # optional code block is given and the key is not found, pass in the key
     # and return the result of block.
-    def delete(key)
-      convert_value_to_parameters(@parameters.delete(key))
+    def delete(key, &block)
+      convert_value_to_parameters(@parameters.delete(key, &block))
     end
 
     # Returns a new instance of <tt>ActionController::Parameters</tt> with only
diff --git a/actionpack/lib/action_dispatch/http/mime_type.rb b/actionpack/lib/action_dispatch/http/mime_type.rb
index 0cf010f59e..74a3afab44 100644
--- a/actionpack/lib/action_dispatch/http/mime_type.rb
+++ b/actionpack/lib/action_dispatch/http/mime_type.rb
@@ -326,11 +326,11 @@ module Mime
 
     def ref; end
 
-    def respond_to_missing?(method, include_private = false)
-      method.to_s.ends_with? "?"
-    end
-
     private
+      def respond_to_missing?(method, _)
+        method.to_s.ends_with? "?"
+      end
+
       def method_missing(method, *args)
         false if method.to_s.ends_with? "?"
       end
diff --git a/actionpack/lib/action_dispatch/http/parameters.rb b/actionpack/lib/action_dispatch/http/parameters.rb
index 79a2ef965b..7c585dbe68 100644
--- a/actionpack/lib/action_dispatch/http/parameters.rb
+++ b/actionpack/lib/action_dispatch/http/parameters.rb
@@ -85,7 +85,7 @@ module ActionDispatch
 
         def set_binary_encoding(params)
           action = params[:action]
-          if controller_class.binary_params_for?(action)
+          if binary_params_for?(action)
             ActionDispatch::Request::Utils.each_param_value(params) do |param|
               param.force_encoding ::Encoding::ASCII_8BIT
             end
@@ -93,6 +93,12 @@ module ActionDispatch
           params
         end
 
+        def binary_params_for?(action)
+          controller_class.binary_params_for?(action)
+        rescue NameError
+          false
+        end
+
         def parse_formatted_parameters(parsers)
           return yield if content_length.zero? || content_mime_type.nil?
 
diff --git a/actionpack/lib/action_dispatch/http/upload.rb b/actionpack/lib/action_dispatch/http/upload.rb
index 61ba052e45..225272d66e 100644
--- a/actionpack/lib/action_dispatch/http/upload.rb
+++ b/actionpack/lib/action_dispatch/http/upload.rb
@@ -27,14 +27,18 @@ module ActionDispatch
         @tempfile = hash[:tempfile]
         raise(ArgumentError, ":tempfile is required") unless @tempfile
 
-        @original_filename = hash[:filename]
-        if @original_filename
+        if hash[:filename]
+          @original_filename = hash[:filename].dup
+
           begin
             @original_filename.encode!(Encoding::UTF_8)
           rescue EncodingError
             @original_filename.force_encoding(Encoding::UTF_8)
           end
+        else
+          @original_filename = nil
         end
+
         @content_type      = hash[:type]
         @headers           = hash[:head]
       end
diff --git a/actionpack/lib/action_dispatch/journey/router/utils.rb b/actionpack/lib/action_dispatch/journey/router/utils.rb
index ffcd875b4d..6d400f3364 100644
--- a/actionpack/lib/action_dispatch/journey/router/utils.rb
+++ b/actionpack/lib/action_dispatch/journey/router/utils.rb
@@ -13,11 +13,13 @@ module ActionDispatch
         #   normalize_path("")      # => "/"
         #   normalize_path("/%ab")  # => "/%AB"
         def self.normalize_path(path)
+          encoding = path.encoding
           path = "/#{path}"
           path.squeeze!("/".freeze)
           path.sub!(%r{/+\Z}, "".freeze)
           path.gsub!(/(%[a-f0-9]{2})/) { $1.upcase }
           path = "/" if path == "".freeze
+          path.force_encoding(encoding)
           path
         end
 
@@ -59,11 +61,11 @@ module ActionDispatch
           end
 
           private
-            def escape(component, pattern) # :doc:
+            def escape(component, pattern)
               component.gsub(pattern) { |unsafe| percent_encode(unsafe) }.force_encoding(US_ASCII)
             end
 
-            def percent_encode(unsafe) # :doc:
+            def percent_encode(unsafe)
               safe = EMPTY.dup
               unsafe.each_byte { |b| safe << DEC2HEX[b] }
               safe
@@ -84,6 +86,10 @@ module ActionDispatch
           ENCODER.escape_fragment(fragment.to_s)
         end
 
+        # Replaces any escaped sequences with their unescaped representations.
+        #
+        #   uri = "/topics?title=Ruby%20on%20Rails"
+        #   unescape_uri(uri)  #=> "/topics?title=Ruby on Rails"
         def self.unescape_uri(uri)
           ENCODER.unescape_uri(uri)
         end
diff --git a/actionpack/lib/action_dispatch/routing/routes_proxy.rb b/actionpack/lib/action_dispatch/routing/routes_proxy.rb
index ee847eaeed..c1423f770f 100644
--- a/actionpack/lib/action_dispatch/routing/routes_proxy.rb
+++ b/actionpack/lib/action_dispatch/routing/routes_proxy.rb
@@ -19,7 +19,8 @@ module ActionDispatch
         end
       end
 
-      def respond_to_missing?(method, include_private = false)
+    private
+      def respond_to_missing?(method, _)
         super || @helpers.respond_to?(method)
       end
 
@@ -32,7 +33,7 @@ module ActionDispatch
               @helpers.#{method}(*args)
             end
           RUBY
-          send(method, *args)
+          public_send(method, *args)
         else
           super
         end
diff --git a/actionpack/lib/action_dispatch/testing/integration.rb b/actionpack/lib/action_dispatch/testing/integration.rb
index 2e2db98ad6..2416c58817 100644
--- a/actionpack/lib/action_dispatch/testing/integration.rb
+++ b/actionpack/lib/action_dispatch/testing/integration.rb
@@ -385,14 +385,15 @@ module ActionDispatch
         integration_session.default_url_options = options
       end
 
-      def respond_to_missing?(method, include_private = false)
-        integration_session.respond_to?(method, include_private) || super
+    private
+      def respond_to_missing?(method, _)
+        integration_session.respond_to?(method) || super
       end
 
       # Delegate unhandled messages to the current session instance.
-      def method_missing(sym, *args, &block)
-        if integration_session.respond_to?(sym)
-          integration_session.__send__(sym, *args, &block).tap do
+      def method_missing(method, *args, &block)
+        if integration_session.respond_to?(method)
+          integration_session.public_send(method, *args, &block).tap do
             copy_session_variables!
           end
         else
diff --git a/actionpack/test/controller/parameters/mutators_test.rb b/actionpack/test/controller/parameters/mutators_test.rb
index e61bbdbe13..2c36f488c6 100644
--- a/actionpack/test/controller/parameters/mutators_test.rb
+++ b/actionpack/test/controller/parameters/mutators_test.rb
@@ -25,6 +25,27 @@ class ParametersMutatorsTest < ActiveSupport::TestCase
     assert_not @params.delete(:person).permitted?
   end
 
+  test "delete returns the value when the key is present" do
+    assert_equal "32", @params[:person].delete(:age)
+  end
+
+  test "delete removes the entry when the key present" do
+    @params[:person].delete(:age)
+    assert_not @params[:person].key?(:age)
+  end
+
+  test "delete returns nil when the key is not present" do
+    assert_equal nil, @params[:person].delete(:first_name)
+  end
+
+  test "delete returns the value of the given block when the key is not present" do
+    assert_equal "David", @params[:person].delete(:first_name) { "David" }
+  end
+
+  test "delete yields the key to the given block when the key is not present" do
+    assert_equal "first_name: David", @params[:person].delete(:first_name) { |k| "#{k}: David" }
+  end
+
   test "delete_if retains permitted status" do
     @params.permit!
     assert @params.delete_if { |k| k == "person" }.permitted?
diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb
index 7e194c5d8b..899b27b962 100644
--- a/actionpack/test/dispatch/request_test.rb
+++ b/actionpack/test/dispatch/request_test.rb
@@ -110,8 +110,8 @@ class RequestIP < BaseRequestTest
       request.remote_ip
     }
     assert_match(/IP spoofing attack/, e.message)
-    assert_match(/HTTP_X_FORWARDED_FOR="1.1.1.1"/, e.message)
-    assert_match(/HTTP_CLIENT_IP="2.2.2.2"/, e.message)
+    assert_match(/HTTP_X_FORWARDED_FOR="1\.1\.1\.1"/, e.message)
+    assert_match(/HTTP_CLIENT_IP="2\.2\.2\.2"/, e.message)
   end
 
   test "remote ip with spoof detection disabled" do
diff --git a/actionpack/test/dispatch/routing_test.rb b/actionpack/test/dispatch/routing_test.rb
index d64917e0d3..32cd78e492 100644
--- a/actionpack/test/dispatch/routing_test.rb
+++ b/actionpack/test/dispatch/routing_test.rb
@@ -4419,7 +4419,7 @@ class TestInvalidUrls < ActionDispatch::IntegrationTest
     end
   end
 
-  test "invalid UTF-8 encoding returns a 400 Bad Request" do
+  test "invalid UTF-8 encoding is treated as ASCII 8BIT encode" do
     with_routing do |set|
       set.draw do
         get "/bar/:id", to: redirect("/foo/show/%{id}")
@@ -4435,19 +4435,19 @@ class TestInvalidUrls < ActionDispatch::IntegrationTest
       end
 
       get "/%E2%EF%BF%BD%A6"
-      assert_response :bad_request
+      assert_response :not_found
 
       get "/foo/%E2%EF%BF%BD%A6"
-      assert_response :bad_request
+      assert_response :not_found
 
       get "/foo/show/%E2%EF%BF%BD%A6"
-      assert_response :bad_request
+      assert_response :ok
 
       get "/bar/%E2%EF%BF%BD%A6"
-      assert_response :bad_request
+      assert_response :redirect
 
       get "/foobar/%E2%EF%BF%BD%A6"
-      assert_response :bad_request
+      assert_response :ok
     end
   end
 end
diff --git a/actionpack/test/dispatch/uploaded_file_test.rb b/actionpack/test/dispatch/uploaded_file_test.rb
index 51680216e4..0074d2a314 100644
--- a/actionpack/test/dispatch/uploaded_file_test.rb
+++ b/actionpack/test/dispatch/uploaded_file_test.rb
@@ -13,6 +13,12 @@ module ActionDispatch
       assert_equal "foo", uf.original_filename
     end
 
+    def test_filename_is_different_object
+      file_str = "foo"
+      uf = Http::UploadedFile.new(filename: file_str, tempfile: Object.new)
+      assert_not_equal file_str.object_id , uf.original_filename.object_id
+    end
+
     def test_filename_should_be_in_utf_8
       uf = Http::UploadedFile.new(filename: "foo", tempfile: Object.new)
       assert_equal "UTF-8", uf.original_filename.encoding.to_s
diff --git a/actionpack/test/journey/router/utils_test.rb b/actionpack/test/journey/router/utils_test.rb
index b77bf6628a..74277a4325 100644
--- a/actionpack/test/journey/router/utils_test.rb
+++ b/actionpack/test/journey/router/utils_test.rb
@@ -31,6 +31,11 @@ module ActionDispatch
         def test_normalize_path_uppercase
           assert_equal "/foo%AAbar%AAbaz", Utils.normalize_path("/foo%aabar%aabaz")
         end
+
+        def test_normalize_path_maintains_string_encoding
+          path = "/foo%AAbar%AAbaz".b
+          assert_equal Encoding::ASCII_8BIT, Utils.normalize_path(path).encoding
+        end
       end
     end
   end