diff --git a/activerecord/lib/active_record/associations/collection_proxy.rb b/activerecord/lib/active_record/associations/collection_proxy.rb
index 74084284936eb..294aa63f752c4 100644
--- a/activerecord/lib/active_record/associations/collection_proxy.rb
+++ b/activerecord/lib/active_record/associations/collection_proxy.rb
@@ -636,6 +636,27 @@ class CollectionProxy < Relation
       #
       #   Pet.find(4, 5, 6) # => ActiveRecord::RecordNotFound: Couldn't find all Pets with IDs (4, 5, 6)
 
+      ##
+      # :method: uniq
+      #
+      # :call-seq:
+      #   uniq()
+      #
+      # Specifies whether the records should be unique or not.
+      #
+      #   class Person < ActiveRecord::Base
+      #     has_many :pets
+      #   end
+      #
+      #   person.pets.select(:name)
+      #   # => [
+      #   #      #<Pet name: "Fancy-Fancy">,
+      #   #      #<Pet name: "Fancy-Fancy">
+      #   #    ]
+      #
+      #   person.pets.select(:name).uniq
+      #   # => [#<Pet name: "Fancy-Fancy">]
+
       ##
       # :method: count
       #
diff --git a/activerecord/lib/active_record/core.rb b/activerecord/lib/active_record/core.rb
index f2833fbf3cdfe..80c6f20b1ae1d 100644
--- a/activerecord/lib/active_record/core.rb
+++ b/activerecord/lib/active_record/core.rb
@@ -10,9 +10,10 @@ module Core
     included do
       ##
       # :singleton-method:
-      # Accepts a logger conforming to the interface of Log4r or the default Ruby 1.8+ Logger class,
-      # which is then passed on to any new database connections made and which can be retrieved on both
-      # a class and instance level by calling +logger+.
+      #
+      # Accepts a logger conforming to the interface of Log4r which is then
+      # passed on to any new database connections made and which can be
+      # retrieved on both a class and instance level by calling +logger+.
       config_attribute :logger, :global => true
 
       ##
diff --git a/activesupport/lib/active_support/core_ext/hash/keys.rb b/activesupport/lib/active_support/core_ext/hash/keys.rb
index e5e77bcef45ac..8e728691c6756 100644
--- a/activesupport/lib/active_support/core_ext/hash/keys.rb
+++ b/activesupport/lib/active_support/core_ext/hash/keys.rb
@@ -1,8 +1,10 @@
 class Hash
   # Return a new hash with all keys converted using the block operation.
   #
-  #  { :name => 'Rob', :years => '28' }.transform_keys{ |key| key.to_s.upcase }
-  #  # => { "NAME" => "Rob", "YEARS" => "28" }
+  #  hash = { name: 'Rob', age: '28' }
+  #
+  #  hash.transform_keys{ |key| key.to_s.upcase }
+  #  # => { "NAME" => "Rob", "AGE" => "28" }
   def transform_keys
     result = {}
     keys.each do |key|
@@ -22,8 +24,10 @@ def transform_keys!
 
   # Return a new hash with all keys converted to strings.
   #
-  #   { :name => 'Rob', :years => '28' }.stringify_keys
-  #   #=> { "name" => "Rob", "years" => "28" }
+  #   hash = { name: 'Rob', age: '28' }
+  #
+  #   hash.stringify_keys
+  #   #=> { "name" => "Rob", "age" => "28" }
   def stringify_keys
     transform_keys{ |key| key.to_s }
   end
@@ -37,8 +41,10 @@ def stringify_keys!
   # Return a new hash with all keys converted to symbols, as long as
   # they respond to +to_sym+.
   #
-  #   { 'name' => 'Rob', 'years' => '28' }.symbolize_keys
-  #   #=> { :name => "Rob", :years => "28" }
+  #   hash = { 'name' => 'Rob', 'age' => '28' }
+  #
+  #   hash.symbolize_keys
+  #   #=> { name: "Rob", age: "28" }
   def symbolize_keys
     transform_keys{ |key| key.to_sym rescue key }
   end
@@ -69,8 +75,10 @@ def assert_valid_keys(*valid_keys)
   # This includes the keys from the root hash and from all
   # nested hashes.
   #
-  #  { :person => { :name => 'Rob', :years => '28' } }.deep_transform_keys{ |key| key.to_s.upcase }
-  #  # => { "PERSON" => { "NAME" => "Rob", "YEARS" => "28" } }
+  #  hash = { person: { name: 'Rob', age: '28' } }
+  #
+  #  hash.deep_transform_keys{ |key| key.to_s.upcase }
+  #  # => { "PERSON" => { "NAME" => "Rob", "AGE" => "28" } }
   def deep_transform_keys(&block)
     result = {}
     each do |key, value|
@@ -93,6 +101,11 @@ def deep_transform_keys!(&block)
   # Return a new hash with all keys converted to strings.
   # This includes the keys from the root hash and from all
   # nested hashes.
+  #
+  #   hash = { person: { name: 'Rob', age: '28' } }
+  #
+  #   hash.deep_stringify_keys
+  #   # => { "person" => { "name" => "Rob", "age" => "28" } }
   def deep_stringify_keys
     deep_transform_keys{ |key| key.to_s }
   end
@@ -107,6 +120,11 @@ def deep_stringify_keys!
   # Return a new hash with all keys converted to symbols, as long as
   # they respond to +to_sym+. This includes the keys from the root hash
   # and from all nested hashes.
+  #
+  #   hash = { 'person' => { 'name' => 'Rob', 'age' => '28' } }
+  #
+  #   hash.deep_symbolize_keys
+  #   # => { person: { name: "Rob", age: "28" } }
   def deep_symbolize_keys
     deep_transform_keys{ |key| key.to_sym rescue key }
   end
diff --git a/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb b/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb
index f914425827a4f..b8cb2e347f45f 100644
--- a/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb
+++ b/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb
@@ -48,17 +48,17 @@ def #{sym}=(obj)
   #
   #  module AppConfiguration
   #    mattr_accessor :google_api_key
-  #    self.google_api_key = "123456789"
   #
-  #    mattr_accessor :paypal_url
-  #    self.paypal_url = "www.sandbox.paypal.com"
+  #    self.google_api_key = "123456789"
   #  end
   #
+  #  AppConfiguration.google_api_key # => "123456789"
   #  AppConfiguration.google_api_key = "overriding the api key!"
+  #  AppConfiguration.google_api_key # => "overriding the api key!"
   #
-  # To opt out of the instance writer method, pass :instance_writer => false.
-  # To opt out of the instance reader method, pass :instance_reader => false.
-  # To opt out of both instance methods, pass :instance_accessor => false.
+  # To opt out of the instance writer method, pass instance_writer: false.
+  # To opt out of the instance reader method, pass instance_reader: false.
+  # To opt out of both instance methods, pass instance_accessor: false.
   def mattr_accessor(*syms)
     mattr_reader(*syms)
     mattr_writer(*syms)
diff --git a/guides/source/security.textile b/guides/source/security.textile
index ac55d60368422..cc0894fc77200 100644
--- a/guides/source/security.textile
+++ b/guides/source/security.textile
@@ -236,6 +236,17 @@ protect_from_forgery :secret => "123456789012345678901234567890..."
 
 This will automatically include a security token, calculated from the current session and the server-side secret, in all forms and Ajax requests generated by Rails. You won't need the secret, if you use CookieStorage as session storage. If the security token doesn't match what was expected, the session will be reset. *Note:* In Rails versions prior to 3.0.4, this raised an <tt>ActionController::InvalidAuthenticityToken</tt> error.
 
+It is common to use persistent cookies to store user information, with +cookies.permanent+ for example. In this case, the cookies will not be cleared and the out of the box CSRF protection will not be effective. If you are using a different cookie store than the session for this information, you must handle what to do with it yourself:
+
+<ruby>
+def handle_unverified_request
+  super
+  sign_out_user # Example method that will destroy the user cookies.
+end
+</ruby>
+
+The above method can be placed in the +ApplicationController+ and will be called when a CSRF token is not present on a non-GET request.
+
 Note that _(highlight)cross-site scripting (XSS) vulnerabilities bypass all CSRF protections_. XSS gives the attacker access to all elements on a page, so he can read the CSRF security token from a form or directly submit the form. Read <a href="#cross-site-scripting-xss">more about XSS</a> later.
 
 h3. Redirection and Files