diff --git a/actionpack/lib/action_controller/metal/redirecting.rb b/actionpack/lib/action_controller/metal/redirecting.rb
index 3feb737277a79a626b5adc2d837ad32e17a41844..ca8c0278d088be7c39f8b6ea5658e649242e8c3a 100644
--- a/actionpack/lib/action_controller/metal/redirecting.rb
+++ b/actionpack/lib/action_controller/metal/redirecting.rb
@@ -68,6 +68,7 @@ module Redirecting
     # <tt>ActionController::RedirectBackError</tt>.
     def redirect_to(options = {}, response_status = {}) #:doc:
       raise ActionControllerError.new("Cannot redirect to nil!") unless options
+      raise ActionControllerError.new("Cannot redirect to a parameter hash!") if options.is_a?(ActionController::Parameters)
       raise AbstractController::DoubleRenderError if response_body
 
       self.status        = _extract_redirect_to_status(options, response_status)
diff --git a/actionpack/test/controller/redirect_test.rb b/actionpack/test/controller/redirect_test.rb
index 4331333b9860d0d00f1d53b1fff469f3d19a0343..103ca9c77606d1400da8432f2b2dbb5758cc87bc 100644
--- a/actionpack/test/controller/redirect_test.rb
+++ b/actionpack/test/controller/redirect_test.rb
@@ -90,6 +90,10 @@ def redirect_to_nil
     redirect_to nil
   end
 
+  def redirect_to_params
+    redirect_to ActionController::Parameters.new(status: 200, protocol: 'javascript', f: '%0Aeval(name)')
+  end
+
   def redirect_to_with_block
     redirect_to proc { "http://www.rubyonrails.org/" }
   end
@@ -281,6 +285,12 @@ def test_redirect_to_nil
     end
   end
 
+  def test_redirect_to_params
+    assert_raise(ActionController::ActionControllerError) do
+      get :redirect_to_params
+    end
+  end
+
   def test_redirect_to_with_block
     get :redirect_to_with_block
     assert_response :redirect