Merge pull request #12083 from BlueHotDog/fixing_respond_with

Fixing repond_with working directly on the options hash

actionpack/CHANGELOG.md

@@ -1,3 +1,12 @@
+*   Fixing repond_with working directly on the options hash
+    This fixes an issue where the respond_with worked directly with the given
+    options hash, so that if a user relied on it after calling respond_with,
+    the hash wouldn't be the same.
+
+    Fixes #12029
+
+    *bluehotdog*
+
 *   Fix `ActionDispatch::RemoteIp::GetIp#calculate_ip` to only check for spoofing
     attacks if both `HTTP_CLIENT_IP` and `HTTP_X_FORWARDED_FOR` are set.
 

actionpack/lib/action_controller/metal/mime_responds.rb

@@ -326,6 +326,7 @@ module ActionController #:nodoc:
 
       if collector = retrieve_collector_from_mimes(&block)
         options = resources.size == 1 ? {} : resources.extract_options!
+        options = options.clone
         options[:default_response] = collector.response
         (options.delete(:responder) || self.class.responder).call(self, resources, options)
       end

actionpack/test/controller/mime/respond_with_test.rb

@@ -65,7 +65,17 @@ class RespondWithController < ActionController::Base
     respond_with(resource, :responder => responder)
   end
 
+  def respond_with_additional_params
+    @params = RespondWithController.params
+    respond_with({:result => resource}, @params)
+  end
+
 protected
+  def self.params
+    {
+        :foo => 'bar'
+    }
+  end
 
   def resource
     Customer.new("david", request.delete? ? nil : 13)
@@ -145,6 +155,11 @@ class RespondWithControllerTest < ActionController::TestCase
     Mime::Type.unregister(:mobile)
   end
 
+  def test_respond_with_shouldnt_modify_original_hash
+    get :respond_with_additional_params
+    assert_equal RespondWithController.params, assigns(:params)
+  end
+
   def test_using_resource
     @request.accept = "application/xml"
     get :using_resource