Update Rails, rails_xss and Bundler

Update Bundler to 1.0.15.
Update Rails to 2.3.12.
Update rails_xss plugin.

The latter two were the
source of a considerable
amount of grief, as rails_xss
is now MUCH stricter about what
string methods can be used.

Also made it possible to use
rake 0.9.x with Instiki. But
you probably REALLY want to use

 ruby bundle exec rake ...

instead of just saying

 rake ....

vendor/plugins/rails_xss/test/safe_buffer_test.rb

@@ -0,0 +1,51 @@
+require 'test_helper'
+
+class SafeBufferTest < ActiveSupport::TestCase
+  def setup
+    @buffer = ActiveSupport::SafeBuffer.new
+  end
+
+  test "Should look like a string" do
+    assert @buffer.is_a?(String)
+    assert_equal "", @buffer
+  end
+
+  test "Should escape a raw string which is passed to them" do
+    @buffer << "<script>"
+    assert_equal "&lt;script&gt;", @buffer
+  end
+
+  test "Should NOT escape a safe value passed to it" do
+    @buffer << "<script>".html_safe
+    assert_equal "<script>", @buffer
+  end
+
+  test "Should not mess with an innocuous string" do
+    @buffer << "Hello"
+    assert_equal "Hello", @buffer
+  end
+
+  test "Should not mess with a previously escape test" do
+    @buffer << ERB::Util.html_escape("<script>")
+    assert_equal "&lt;script&gt;", @buffer
+  end
+
+  test "Should be considered safe" do
+    assert @buffer.html_safe?
+  end
+
+  test "Should return a safe buffer when calling to_s" do
+    new_buffer = @buffer.to_s
+    assert_equal ActiveSupport::SafeBuffer, new_buffer.class
+  end
+  
+  test "Should not return a safe buffer when using sub" do
+    assert !@buffer.sub('', "asdf").html_safe?
+  end
+  
+  test "Should raise argument error when using sub!" do
+    assert_raise TypeError do
+      @buffer.sub!('', "asdf")
+    end
+  end
+end