1. 22 Sep 2020, 1 commit
    • Catch invalid UTF-8 encodings on ActionDispatch::Http::Request#POST (#40124) · 7dc53ec9
      Adrianna Chang authored
      * Add binary encoding logic into ActionDispatch::Request::Utils
      
      Moving the logic to set binary encoding into ActionDispatch::Request::Utils
      will allow us to encode from GET and POST in ActionDispatch::Request.
      
      * Refactor binary encoding logic
      
      - Move binary encoding calls into GET, POST and path_parameters
      - Remove binary encoding from ActionDispatch::Http::Request
      - This way, we only raise an invalid encoding exception if the controller is not requesting
      parameters in binary encoding
      
      * Check if encoding is valid in ActionDispatch::Request#POST and raise BadRequest if invalid
      
      * Fix multipart_params_test that has binary-encoded params containing invalid UTF-8 characters
      
      * Address PR comments
      
      * Pass action and controller to Request::Utils.set_binary_encoding
      
      [Rafael Mendonça França + Adrianna Chang]
  2. 06 Sep 2020, 1 commit
    • Shorten inspect on ActionDispatch::Request · a610f61e
      Petrik authored
      Calling request in an action of a controller generates an endless stream of
      characters, including the Rack app and middlewares.
      This can be frustrating when using a debugger in a controller and
      accidentally calling `request` generates output for a couple of seconds.
      
      Inspect on ActionDispatch::Request is shortened to the most relevant
      attributes and uses the same format as used for request in the logs:
      
          "#<ActionDispatch::Request POST "https://example.com/path/of/some/uri?q=1" for 1.2.3.4>"
  3. 12 May 2020, 1 commit
  4. 10 May 2020, 1 commit
    • Don’t ignore X-Forwarded-For IPs with ports attached · fbf1d82e
      Duncan Brown authored
      Rack decided to tolerate proxies which choose to attach ports to
      X-Forwarded-For IPs by stripping the port:
      https://github.com/rack/rack/pull/1251. Attaching a port is rare in the
      wild but some proxies (notably Microsoft Azure's App Service) do it.
      
      Without this patch, remote_ip will ignore X-Forwarded-For IPs with ports
      attached and the return value is less likely to be useful.
      
      Rails should do the same thing. The stripping logic is already available
      in Rack::Request::Helpers, so change the X-Forwarded-For retrieval
      method from ActionDispatch::Request#x_forwarded_for (which returns the
      raw header) to #forwarded_for, which returns a stripped array of IP
      addresses, or nil. There may be other benefits hiding in Rack's
      implementation.
      
      We can't call ips_from with an array (and legislating for that inside
      ips_from doesn't appeal), so refactor out the bit we need to apply in
      both cases (verifying the IP is acceptable to IPAddr and that it's not a
      range) to a separate method called #sanitize_ips which reduces an array of
      maybe-ips to an array of acceptable ones.
  5. 10 Feb 2020, 1 commit
  6. 03 Jan 2020, 1 commit
    • When all IPs are trusted, use the furthest away · d160a8d6
      Matthew Draper authored
      Scenario: we have a REMOTE_ADDR of `127.0.0.1`, and X-Forwarded-For is
      `A, B, C`.
      
      Without any relevant trust, the `remote_ip` is `C`.
      
      If `C` is trusted, then the `remote_ip` is `B`.
      
      If `B` and `C` are trusted, then the `remote_ip` is `A`.
      
      If all of `A`, `B`, and `C` are trusted, then the `remote_ip` should
      still be `A`: if our trust was sufficient to get that far out before,
      trusting something else should not have us fall back to `127.0.0.1`.
      
      It is this last situation that we're correcting here:
      
      We trust `A` to give us accurate X-Forwarded-For information, yet it has
      chosen to leave it unset. Therefore, `A` is telling us that it is itself
      the client.
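      As an added example (not Rails' own code, and not part of either commit), the remote_ip resolution described in this commit and in fbf1d82e above, with constructed addresses from the documentation ranges. X-Forwarded-For entries have any port stripped, values IPAddr rejects or that carry a netmask are dropped, trusted hops are discarded nearest-first, and when every hop is trusted the furthest one wins rather than REMOTE_ADDR.

```ruby
require "ipaddr"

# Constructed example, not Rails code: trusted proxies default to loopback.
LOOPBACK = [IPAddr.new("127.0.0.0/8"), IPAddr.new("::1")].freeze

# Strip a port from one X-Forwarded-For entry, as Rack's #forwarded_for does:
# "203.0.113.10:41234" -> "203.0.113.10", "[2001:db8::1]:443" -> "2001:db8::1".
def strip_port(entry)
  if entry.start_with?("[")       # bracketed IPv6, optional port
    entry[/\A\[([^\]]+)\]/, 1]
  elsif entry.count(":") == 1     # IPv4 with port
    entry.split(":", 2).first
  else                            # bare IPv4 or IPv6
    entry
  end
end

# Keep only values IPAddr accepts that name a single host, not a range
# (the role of #sanitize_ips: nobody may sneak a netmask in).
def sanitize_ips(candidates)
  candidates.select do |ip|
    begin
      range = IPAddr.new(ip).to_range
      range.begin == range.end
    rescue ArgumentError          # IPAddr::InvalidAddressError is one
      false
    end
  end
end

# X-Forwarded-For is client-first (A, B, C), so reverse it to walk from the
# hop nearest us outward, dropping trusted hops. The first untrusted hop is
# the client; if every hop is trusted, the furthest away (A) wins, and
# REMOTE_ADDR is only used when there were no forwarded hops at all.
def remote_ip(remote_addr, forwarded_for, trusted_proxies = LOOPBACK)
  entries = (forwarded_for || "").strip.split(/[,\s]+/).reject(&:empty?)
  forwarded = sanitize_ips(entries.map { |e| strip_port(e) }).reverse
  trusted = ->(ip) { trusted_proxies.any? { |proxy| proxy.include?(IPAddr.new(ip)) } }
  (forwarded + [remote_addr]).reject(&trusted).first || forwarded.last || remote_addr
end
```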
  7. 07 Oct 2019, 1 commit
    • Updated `ActionDispatch::Request.remote_ip=` · bf14a8e2
      norm authored
      Updated the setter to clear the value in the `@remote_ip` instance
      variable before setting the header that the value is derived from in the
      getter.
  8. 27 Jul 2019, 2 commits
    • Fix error 500 caused by ActionController::RoutingError (via fail-safe) when... · 6ea09841
      Simone Carletti authored
      Fix error 500 caused by ActionController::RoutingError (via fail-safe) when POST parameters are invalid (#29985)
      
      * Reproduce error caused by malformed parameters
      
          Error:
          RequestFormat#test_format_does_not_throw_exceptions_when_invalid_POST_parameters:
          ActionDispatch::Http::Parameters::ParseError: 765: unexpected token at '{record:{content:24.12.1.146}}'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/parameters.rb:113:in `rescue in parse_formatted_parameters'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/parameters.rb:107:in `parse_formatted_parameters'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/request.rb:360:in `block in POST'
              /Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch'
              /Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch_header'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/request.rb:359:in `POST'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/parameters.rb:53:in `parameters'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/mime_negotiation.rb:62:in `block in formats'
              /Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch'
              /Users/weppos/.rvm/gems/ruby-2.3.3/gems/rack-2.0.3/lib/rack/request.rb:57:in `fetch_header'
              /Users/weppos/Mirrors/rails/actionpack/lib/action_dispatch/http/mime_negotiation.rb:60:in `formats'
              /Users/weppos/Mirrors/rails/actionpack/test/dispatch/request_test.rb:891:in `block in <class:RequestFormat>'
      
      See GH-29983
      
      * Capture parameter parsing error output and test it
      
      This change prevents the log from being displayed in the tests.
      Moreover, the assertion against the debug ensures that
      the test effectively triggers the parsing error as expected.
      
      * Use a generic value in the test
      
      * Switch to assert_match
      
      [Simone Carletti + Rafael Mendonça França]
  9. 06 Jun 2019, 1 commit
  10. 02 Apr 2019, 1 commit
  11. 18 Jan 2019, 1 commit
  12. 08 Oct 2018, 1 commit
  13. 26 Sep 2018, 1 commit
  14. 23 Aug 2018, 1 commit
  15. 26 Jan 2018, 2 commits
  16. 30 Dec 2017, 1 commit
  17. 29 Oct 2017, 1 commit
    • Deprecate ActiveSupport::Inflector#acronym_regex · b2545e41
      Nick LaMuro authored
      To be removed in Rails 6.0 (default for the deprecate helper).  Code
      moved around as well for the ActiveSupport::Deprecation modules, since
      it was dependent on ActiveSupport::Inflector being loaded for it to
      work.  By "lazy loading" the Inflector code from within the Deprecation
      code, we can require ActiveSupport::Deprecation from
      ActiveSupport::Inflector and not get a circular dependency issue.
  18. 24 Oct 2017, 1 commit
    • Cache regexps generated from acronym_regex · a822fc51
      Nick LaMuro authored
      The Problem
      -----------
      
      The following line from `String#camelize`:
      
        string = string.sub(/^(?:#{inflections.acronym_regex}(?=\b|[A-Z_])|\w)/) { |match| match.downcase }
      
      and the following line from `String#camelize`:
      
        word.gsub!(/(?:(?<=([A-Za-z\d]))|\b)(#{inflections.acronym_regex})(?=\b|[^a-z])/) { "#{$1 && '_'.freeze }#{$2.downcase}" }
      
      Both generate the same regexp in the first part of the `.sub`/`.gsub`
      method calls every time the function is called, creating an extra object
      allocation each time.  The value of `acronym_regex` only changes if the
      user decides to add an acronym to the current set of inflections and appends
      another string on the regexp generated here, but beyond that it
      remains relatively static.
      
      This has been around since acronym support was introduced back in 2011
      in PR#1648.
      
      Proposed Solution
      -----------------
      To avoid re-generating these strings every time these methods are
      called, cache the values of these regular expressions in the
      `ActiveSupport::Inflector::Inflections` instance, making it so these
      regular expressions are only generated once, or when the acronyms are
      added to.
      
      Other notable changes are that the attr_readers are nodoc'd, as they shouldn't
      really be public APIs for users.  Also, the new method,
      define_acronym_regex_patterns, is the only method in charge of
      manipulating @acronym_regex, and initialize_dup also makes use of that
      new change.
      
      ** Note about fix for non-deterministic actionpack test **
      
      With the introduction of `@acronym_underscore_regex` and
      `@acronym_camelize_regex`, tests that manipulated these for a short
      time, then reset them could cause test failures to happen.  This
      happened because the previous way we reset the `@acronyms` and
      `@acronym_regex` was to set them using #instance_variable_set, which
      wouldn't run the #define_acronym_regex_patterns method.
      
      This has now been introduced into the actionpack tests to avoid this
      failure.
  19. 04 Oct 2017, 1 commit
    • Implement H2 Early Hints for Rails · 59a02fb7
      eileencodes authored
      When puma/puma#1403 is merged, Puma will support the Early Hints status
      code for sending assets before a request has finished.
      
      While the Early Hints spec is still in draft, this PR prepares Rails to
      allow this status code.
      
      If the proxy server supports Early Hints, it will send H2 pushes to the
      client.
      
      This PR adds a method for setting Early Hints Link headers via Rails,
      and also automatically sends Early Hints if supported from the
      `stylesheet_link_tag` and the `javascript_include_tag`.
      
      Once puma supports Early Hints the `--early-hints` argument can be
      passed to the server to enable this or set in the puma config with
      `early_hints(true)`. Note that for Early Hints to work
      in the browser the requirements are 1) a proxy that can handle H2,
      and 2) HTTPS.
      
      To start the server with Early Hints enabled pass `--early-hints` to
      `rails s`.
      
      This has been verified to work with h2o, Puma, and Rails with Chrome.
      
      The commit adds a new option to the rails server to enable early hints
      for Puma.
      
      Early Hints spec:
      https://tools.ietf.org/html/draft-ietf-httpbis-early-hints-04
      
      [Eileen M. Uchitelle, Aaron Patterson]
  20. 29 Jul 2017, 1 commit
  21. 18 Jul 2017, 1 commit
    • Scrub the invalid parameter value before using it in the error · 2513a410
      Arthur Neves authored
      You should be able to safely use the String error message. So when
      finding the parameter has an invalid encoding we need to remove the
      invalid bytes before using it in the error. Otherwise the caller might
      get another Encoding error if they use the message.
  22. 02 Jul 2017, 1 commit
  23. 01 Jul 2017, 1 commit
  24. 07 May 2017, 1 commit
  25. 14 Feb 2017, 2 commits
  26. 14 Jan 2017, 1 commit
  27. 25 Dec 2016, 1 commit
  28. 23 Dec 2016, 1 commit
  29. 29 Oct 2016, 1 commit
  30. 16 Aug 2016, 1 commit
  31. 07 Aug 2016, 3 commits
  32. 14 Jul 2016, 1 commit
    • Check `request.path_parameters` encoding at the point they're set · 9f38a3fb
      Grey Baker authored
      Check for any non-UTF8 characters in path parameters at the point they're
      set in `env`. Previously they were checked for when used to get a controller
      class, but this meant routes that went directly to a Rack app, or skipped
      controller instantiation for some other reason, had to defend against
      non-UTF8 characters themselves.
  33. 13 May 2016, 1 commit
  34. 12 May 2016, 1 commit
  35. 01 Apr 2016, 1 commit
    • Strong ETag validators · c1c9c690
      Jeremy Daer authored
      * Introduce `Response#strong_etag=` and `#weak_etag=` and analogous options
        for `fresh_when` and `stale?`. `Response#etag=` sets a weak ETag.
      
        Strong ETags are desirable when you're serving byte-for-byte identical
        responses that support Range requests, like PDFs or videos (typically
        done by reproxying the response from a backend storage service).
        Also desirable when fronted by some CDNs that support strong ETags
        only, like Akamai.
      
      * No longer strips quotes (`"`) from ETag values before comparing them.
        Quotes are significant, part of the ETag. A quoted ETag and an unquoted
        one are not the same entity.
      
      * Support `If-None-Match: *`. Rarely useful for GET requests; meant
        to provide some optimistic concurrency control for PUT requests.