10 files changed, 89 insertions, 18 deletions

diff --git a/railties/lib/rails/application.rb b/railties/lib/rails/application.rb
index 10fa63c303..3191fe68a7 100644
--- a/railties/lib/rails/application.rb
+++ b/railties/lib/rails/application.rb
@@ -239,7 +239,7 @@ module Rails
 
         middleware.use ::Rack::Lock unless config.allow_concurrency
         middleware.use ::Rack::Runtime
-        middleware.use ::Rack::MethodOverride unless config.middleware.api_only?
+        middleware.use ::Rack::MethodOverride unless config.middleware.http_only?
         middleware.use ::ActionDispatch::RequestId
         middleware.use ::Rails::Rack::Logger, config.log_tags # must come after Rack::MethodOverride to properly log overridden methods
         middleware.use ::ActionDispatch::ShowExceptions, config.exceptions_app || ActionDispatch::PublicExceptions.new(Rails.public_path)
@@ -252,9 +252,9 @@ module Rails
         end
 
         middleware.use ::ActionDispatch::Callbacks
-        middleware.use ::ActionDispatch::Cookies unless config.middleware.api_only?
+        middleware.use ::ActionDispatch::Cookies unless config.middleware.http_only?
 
-        if !config.middleware.api_only? && config.session_store
+        if !config.middleware.http_only? && config.session_store
           if config.force_ssl && !config.session_options.key?(:secure)
             config.session_options[:secure] = true
           end
@@ -267,7 +267,7 @@ module Rails
         middleware.use ::Rack::ConditionalGet
         middleware.use ::Rack::ETag, "no-cache"
 
-        if !config.middleware.api_only? && config.action_dispatch.best_standards_support
+        if !config.middleware.http_only? && config.action_dispatch.best_standards_support
           middleware.use ::ActionDispatch::BestStandardsSupport, config.action_dispatch.best_standards_support
         end
       end
diff --git a/railties/lib/rails/application/bootstrap.rb b/railties/lib/rails/application/bootstrap.rb
index 93a0fba10b..e567df7162 100644
--- a/railties/lib/rails/application/bootstrap.rb
+++ b/railties/lib/rails/application/bootstrap.rb
@@ -32,9 +32,9 @@ module Rails
           f.binmode
           f.sync = config.autoflush_log # if true make sure every write flushes
 
-          logger = ActiveSupport::TaggedLogging.new(
-            ActiveSupport::Logger.new(f)
-          )
+          logger = ActiveSupport::Logger.new f
+          logger.formatter = config.log_formatter
+          logger = ActiveSupport::TaggedLogging.new(logger)
           logger.level = ActiveSupport::Logger.const_get(config.log_level.to_s.upcase)
           logger
         rescue StandardError
diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb
index 0f5fc2b7bc..1cfcd30c5b 100644
--- a/railties/lib/rails/application/configuration.rb
+++ b/railties/lib/rails/application/configuration.rb
@@ -8,7 +8,7 @@ module Rails
       attr_accessor :allow_concurrency, :asset_host, :asset_path, :assets, :autoflush_log,
                     :cache_classes, :cache_store, :consider_all_requests_local, :console,
                     :dependency_loading, :exceptions_app, :file_watcher, :filter_parameters,
-                    :force_ssl, :helpers_paths, :logger, :log_tags, :preload_frameworks,
+                    :force_ssl, :helpers_paths, :logger, :log_formatter, :log_tags, :preload_frameworks,
                     :railties_order, :relative_url_root, :secret_token,
                     :serve_static_assets, :ssl_options, :static_cache_control, :session_options,
                     :time_zone, :reload_classes_only_on_change, :use_schema_cache_dump
@@ -41,6 +41,7 @@ module Rails
         @file_watcher                  = ActiveSupport::FileUpdateChecker
         @exceptions_app                = nil
         @autoflush_log                 = true
+        @log_formatter                 = ActiveSupport::Logger::SimpleFormatter.new
         @use_schema_cache_dump         = true
 
         @assets = ActiveSupport::OrderedOptions.new
diff --git a/railties/lib/rails/commands/server.rb b/railties/lib/rails/commands/server.rb
index 0b757cbe28..a608693ca4 100644
--- a/railties/lib/rails/commands/server.rb
+++ b/railties/lib/rails/commands/server.rb
@@ -71,6 +71,8 @@ module Rails
         wrapped_app # touch the app so the logger is set up
 
         console = ActiveSupport::Logger.new($stdout)
+        console.formatter = Rails.logger.formatter
+
         Rails.logger.extend(ActiveSupport::Logger.broadcast(console))
       end
 
diff --git a/railties/lib/rails/configuration.rb b/railties/lib/rails/configuration.rb
index 0efa21d82c..d8185bcb34 100644
--- a/railties/lib/rails/configuration.rb
+++ b/railties/lib/rails/configuration.rb
@@ -6,17 +6,54 @@ require 'rails/rack'
 
 module Rails
   module Configuration
-    class MiddlewareStackProxy #:nodoc:
+    # MiddlewareStackProxy is a proxy for the Rails middleware stack that allows
+    # you to configure middlewares in your application. It works basically as a
+    # command recorder, saving each command to be applied after initialization
+    # over the default middleware stack, so you can add, swap, or remove any
+    # middleware in Rails.
+    #
+    # You can add your own middlewares by using the +config.middleware.use+ method:
+    #
+    #     config.middleware.use Magical::Unicorns
+    #
+    # This will put the +Magical::Unicorns+ middleware on the end of the stack.
+    # You can use +insert_before+ if you wish to add a middleware before another:
+    #
+    #     config.middleware.insert_before ActionDispatch::Head, Magical::Unicorns
+    #
+    # There's also +insert_after+ which will insert a middleware after another:
+    #
+    #     config.middleware.insert_after ActionDispatch::Head, Magical::Unicorns
+    #
+    # Middlewares can also be completely swapped out and replaced with others:
+    #
+    #     config.middleware.swap ActionDispatch::BestStandardsSupport, Magical::Unicorns
+    #
+    # And finally they can also be removed from the stack completely:
+    #
+    #     config.middleware.delete ActionDispatch::BestStandardsSupport
+    #
+    # In addition to these methods to handle the stack, if your application is
+    # going to be used as an API endpoint only, the middleware stack can be
+    # configured like this:
+    #
+    #     config.middleware.http_only!
+    #
+    # By doing this, Rails will create a smaller middleware stack, by not adding
+    # some middlewares that are usually useful for browser access only, such as
+    # Cookies, Session and Flash, BestStandardsSupport, and MethodOverride. You
+    # can always add any of them later manually if you want.
+    class MiddlewareStackProxy
       def initialize
         @operations = []
-        @api_only   = false
+        @http_only  = false
       end
 
-      attr_reader :api_only
-      alias       :api_only? :api_only
+      attr_reader :http_only
+      alias       :http_only? :http_only
 
-      def api_only!
-        @api_only = true
+      def http_only!
+        @http_only = true
       end
 
       def insert_before(*args, &block)
@@ -41,7 +78,7 @@ module Rails
         @operations << [:delete, args, block]
       end
 
-      def merge_into(other)
+      def merge_into(other) #:nodoc:
         @operations.each do |operation, args, block|
           other.send(operation, *args, &block)
         end
diff --git a/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb b/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb
index e8065d9505..b3d6adad2a 100644
--- a/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb
+++ b/railties/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb
@@ -1,3 +1,5 @@
 class ApplicationController < ActionController::Base
-  protect_from_forgery
+  # prevent CSRF attacks by raising an exception,
+  # if your application has an API, you'll probably need to use :reset_session
+  protect_from_forgery :with => :exception
 end
diff --git a/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt
index 7041550fd0..d0d9083c37 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt
+++ b/railties/lib/rails/generators/rails/app/templates/config/environments/production.rb.tt
@@ -73,4 +73,7 @@
 
   # Disable automatic flushing of the log to improve performance.
   # config.autoflush_log = false
+
+  # Use default logging formatter so that PID and timestamp are not suppressed
+  config.log_formatter = ::Logger::Formatter.new
 end
diff --git a/railties/lib/rails/generators/rails/plugin_new/templates/test/test_helper.rb b/railties/lib/rails/generators/rails/plugin_new/templates/test/test_helper.rb
index dcd3b276e3..8d45b2bbd9 100644
--- a/railties/lib/rails/generators/rails/plugin_new/templates/test/test_helper.rb
+++ b/railties/lib/rails/generators/rails/plugin_new/templates/test/test_helper.rb
@@ -8,3 +8,8 @@ Rails.backtrace_cleaner.remove_silencers!
 
 # Load support files
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+
+# Load fixtures from the engine
+if ActiveSupport::TestCase.method_defined?(:fixture_path)
+  ActiveSupport::TestCase.fixture_path = File.expand_path("../fixtures", __FILE__)
+end
\ No newline at end of file
diff --git a/railties/lib/rails/generators/test_unit/scaffold/scaffold_generator.rb b/railties/lib/rails/generators/test_unit/scaffold/scaffold_generator.rb
index f7e907a017..4c07baae36 100644
--- a/railties/lib/rails/generators/test_unit/scaffold/scaffold_generator.rb
+++ b/railties/lib/rails/generators/test_unit/scaffold/scaffold_generator.rb
@@ -8,10 +8,31 @@ module TestUnit
 
       check_class_collision :suffix => "ControllerTest"
 
+      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+
       def create_test_files
         template 'functional_test.rb',
                  File.join('test/functional', controller_class_path, "#{controller_file_name}_controller_test.rb")
       end
+
+      private
+
+        def resource_attributes
+          key_value singular_table_name, "{ #{attributes_hash} }"
+        end
+
+        def attributes_hash
+          return if accessible_attributes.empty?
+
+          accessible_attributes.map do |a|
+            name = a.name
+            "#{name}: @#{singular_table_name}.#{name}"
+          end.sort.join(', ')
+        end
+
+        def accessible_attributes
+          attributes.reject(&:reference?)
+        end
     end
   end
 end
diff --git a/railties/lib/rails/generators/test_unit/scaffold/templates/functional_test.rb b/railties/lib/rails/generators/test_unit/scaffold/templates/functional_test.rb
index 9ec2e34545..19894443d5 100644
--- a/railties/lib/rails/generators/test_unit/scaffold/templates/functional_test.rb
+++ b/railties/lib/rails/generators/test_unit/scaffold/templates/functional_test.rb
@@ -19,7 +19,7 @@ class <%= controller_class_name %>ControllerTest < ActionController::TestCase
 
   test "should create <%= singular_table_name %>" do
     assert_difference('<%= class_name %>.count') do
-      post :create, <%= key_value singular_table_name, "@#{singular_table_name}.attributes" %>
+      post :create, <%= resource_attributes %>
     end
 
     assert_redirected_to <%= singular_table_name %>_path(assigns(:<%= singular_table_name %>))
@@ -36,7 +36,7 @@ class <%= controller_class_name %>ControllerTest < ActionController::TestCase
   end
 
   test "should update <%= singular_table_name %>" do
-    put :update, <%= key_value :id, "@#{singular_table_name}" %>, <%= key_value singular_table_name, "@#{singular_table_name}.attributes" %>
+    put :update, <%= key_value :id, "@#{singular_table_name}" %>, <%= resource_attributes %>
     assert_redirected_to <%= singular_table_name %>_path(assigns(:<%= singular_table_name %>))
   end