Closes #7110 there's more work to do on rack-cache issue 69

This reverts commit 5a6f30ff.

Since #5581 added support for resources with custom params we should
not assume that it is :id when using shallow resource routing.

The Mapper looks for a :id constraint in the scope to see whether it
should apply a constraint for nested resources. Since #5581 added support
for resource params other than :id, we need to check for a constraint on
the parent resource's param name and not assume it's :id.

Optional segments with a root scope need to have the leading slash
outside of the parentheses, otherwise the generated url will be empty.
However if the route has non-optional elements then the leading slash
needs to remain inside the parentheses otherwise the generated url
will have two leading slashes, e.g:

Blog::Application.routes.draw do
  get '/(:category)', :to => 'posts#index', :as => :root
  get '/(:category)/author/:name', :to => 'posts#author', :as => :author
end

$ rake routes
  root GET /(:category)(.:format)              posts#index
author GET (/:category)/author/:name(.:format) posts#author

This change adds support for optional segments that contain a slash,
allowing support for urls like /page/2 for the root path, e.g:

Blog::Application.routes.draw do
  get '/(page/:page)', :to => 'posts#index', :as => :root
end

$ rake routes
root GET /(page/:page)(.:format) posts#index

Fixes #7073

Follow the consistency defined in dbc43bcc.

this is so we can show route output in the development when we get a routing error. Railties can use features of ActionDispatch, but ActionDispatch should not depend on Railties.

If someone receives a routing error, they likely need to view the routes. Rather than making them visit '/rails/info/routes' or run `rake routes` we can give them that information on the page.

Assuming the type ":touch", Collector.new was calling
send(:touch), which instead of triggering method_missing
and generating a new collector method, actually
invoked the private method `touch` inherited from
Object.

By generating the method for each mime type as it
is registered, the private methods on Object can
never be reached by `send`, because the `Collector`
will have them before `send` is called on it.

To do this, a callback mechanism was added to Mime::Type

This allows someone to add a callback for whenever
a new mime type is registered. The callback then
gets called with the new mime as a parameter.

This is then used in AbstractController::Collector
to generate new collector methods after each mime
is registered.

instead of deleting keys on every instantiation, create defaults we
actually use.  eventually we can pass an environment in to the request,
and create a new req / res object on each call.

ActiveModel is used in ActionPack for ActiveModel::Naming for a few,
mostly optional aspects of ActionPack related to automatically converting
an ActiveModel compliant object into a key for params and routing. It uses
only three methods of ActiveModel (ActiveModel::Naming.route_key,
ActiveModel::Naming.singular_route_key and ActiveModel::Naming.param_key).

This reverts commit 6acebb38.

Usage of this feature did not reveal any improvement in existing apps.

Conflicts:

	actionpack/lib/action_dispatch/routing/mapper.rb
	guides/source/routing.textile
	railties/lib/rails/engine.rb
	railties/lib/rails/paths.rb
	railties/test/paths_test.rb

There are several aspects to this commit, that don't well fit into broken down
commits, so they are detailed here:

 * When a user uses response.headers['Cache-Control'] = some_value, then the
   documented convention in ConditionalGet is not adhered to, in this case,
   response.cache_control is ignored due to `return if
   self[CACHE_CONTROL].present?`
 * When a middleware sets cache-control headers that would clobber, they're
   converted to symbols directly, without underscores. This would lead to bugs.
 * Items that would live in :extras if set through expires_in, are placed
   directly in the @cache_control hash, and not respected in many cases
   (somewhat adhering to the aforementioned documentation).
 * Although quite useless, any directive named 'extras' would be ignored.

The general convention applied is that expires_* take precedence, but no longer
overwrite everything and expires_* are ALWAYS applied, even if the header is
set.

I am still unhappy about the contents of this commit, and the code in general.
Ideally it should be refactored to no longer use :extras. I'd likely recommend
expanding @cache_control into a class, and giving it the power to handle the
merge in a more efficient fashion. Such a commit would be a larger change that
could have additional semantic changes for other libraries unless they utilize
expires_in in very standard ways.

These lines don't help to mitigate CVE. They only turn [nil] into nil, w/o them [nil] turns into [] and that is quite innocent. 
generated  SQL - `IN (NULL)`
compact! did all the job. 

This middleware is only for Public Exceptions.
This follows bd8c0b8a

Correct the use of to_model in polymorphic routing

In integration tests, you might want to use helpers from engines that
you mounted in your application. It's not hard to add it by yourself,
but it's unneeded boilerplate. mounted_helpers are now included by
default. That means that given engine mounted like:

    mount Foo::Engine => "/foo", :as => "foo"

you will be able to use paths from this engine in tests this way:

    foo.root_path #=> "/foo"

(closes #6573)

Remove :to_sym call from public_instance_methods iteration, as such
methods in Ruby 1.9 already return symbols. Initialize valid conditions
with controller/action instead of setting them afterwards.

Thanks to Ben Murphy for reporting this!

CVE-2012-2660

This reverts commit fa6d921e.

Reason: Not a fan of such massive changes. We usually close such changes
if made to Rails master as a pull request. Following the same principle
here and reverting.

[ci skip]

Passing path parameters with invalid encoding is likely to trigger errors
further on like `ArgumentError (invalid byte sequence in UTF-8)`. This will
result in a 500 error whereas the better error to return is a 400 error which
allows exception notification libraries to filter it out if they wish.

Closes #4450

Currently Rack raises a TypeError when it encounters a malformed or
ambiguous hash like `foo[]=bar&foo[4]=bar`. Rather than pass this
through to the application this commit captures the exception and
re-raises it using a new ActionController::BadRequest exception.

The new ActionController::BadRequest exception returns a 400 error
instead of the 500 error that would've been returned by the original
TypeError. This allows exception notification libraries to ignore
these errors if so desired.

Closes #3051