4 files changed, 21 insertions, 18 deletions

diff --git a/lib/rack/multipart.rb b/lib/rack/multipart.rb
index 2015a3d6..c522abdc 100644
--- a/lib/rack/multipart.rb
+++ b/lib/rack/multipart.rb
@@ -21,7 +21,7 @@ module Rack
     MULTIPART_CONTENT_ID = /Content-ID:\s*([^#{EOL}]*)/ni
 
     class << self
-      def parse_multipart(env, params = QueryParser::DEFAULT)
+      def parse_multipart(env, params = Rack::Utils.default_query_parser)
         Parser.create(env, params).parse
       end
 
diff --git a/lib/rack/query_parser.rb b/lib/rack/query_parser.rb
index ca73f001..118bd704 100644
--- a/lib/rack/query_parser.rb
+++ b/lib/rack/query_parser.rb
@@ -12,10 +12,15 @@ module Rack
     # sequence.
     class InvalidParameterError < ArgumentError; end
 
-    attr_reader :params_class
+    def self.make_default(key_space_limit)
+      new Params, key_space_limit
+    end
+
+    attr_reader :params_class, :key_space_limit
 
-    def initialize(params_class)
+    def initialize(params_class, key_space_limit)
       @params_class = params_class
+      @key_space_limit = key_space_limit
     end
 
     # Stolen from Mongrel, with some small modifications:
@@ -103,7 +108,11 @@ module Rack
     end
 
     def make_params
-      @params_class.new
+      @params_class.new @key_space_limit
+    end
+
+    def new(key_space_limit)
+      self.class.new @params_class, key_space_limit
     end
 
     private
@@ -117,14 +126,8 @@ module Rack
     end
 
     class Params
-      class << self
-        # The default number of bytes to allow parameter keys to take up.
-        # This helps prevent a rogue client from flooding a Request.
-        attr_accessor :limit
-      end
-
-      def initialize(limit = self.class.limit)
-        @limit  = limit || 65536
+      def initialize(limit)
+        @limit  = limit
         @size   = 0
         @params = {}
       end
@@ -160,7 +163,5 @@ module Rack
         hash
       end
     end
-
-    DEFAULT = new(Params)
   end
 end
diff --git a/lib/rack/request.rb b/lib/rack/request.rb
index 8115bdbe..bbb15826 100644
--- a/lib/rack/request.rb
+++ b/lib/rack/request.rb
@@ -308,7 +308,7 @@ module Rack
     end
 
     def query_parser
-      QueryParser::DEFAULT
+      Utils.default_query_parser
     end
 
     def xhr?
diff --git a/lib/rack/utils.rb b/lib/rack/utils.rb
index e7d6a131..c00cec25 100644
--- a/lib/rack/utils.rb
+++ b/lib/rack/utils.rb
@@ -22,7 +22,9 @@ module Rack
     class << self
       attr_accessor :default_query_parser
     end
-    self.default_query_parser = QueryParser::DEFAULT
+    # The default number of bytes to allow parameter keys to take up.
+    # This helps prevent a rogue client from flooding a Request.
+    self.default_query_parser = QueryParser.make_default(65536)
 
     # URI escapes. (CGI style space to +)
     def escape(s)
@@ -55,11 +57,11 @@ module Rack
     self.multipart_part_limit = (ENV['RACK_MULTIPART_PART_LIMIT'] || ENV['RACK_MULTIPART_LIMIT'] || 128).to_i
 
     def self.key_space_limit
-      default_query_parser.params_class.limit
+      default_query_parser.key_space_limit
     end
 
     def self.key_space_limit=(v)
-      default_query_parser.params_class.limit = v
+      self.default_query_parser = self.default_query_parser.new(v)
     end
 
     def parse_query(qs, d = nil, &unescaper)