Fix failing test related to escaping include_blank in select_tag

Rails 3.0.x doesn't have the :prompt option in select_tag, it was
introduced in c5d54be that is only
available from 3.1.x on.

The test and related fix were introduced in
c979587 for Rails 3.0.17, as a fix for
a security vulnerability. The code is completely fine but the test was
using the invalid :prompt option for this version, probably because it
was cherry-picked from other branch which has the option.

actionpack/CHANGELOG

@@ -19,9 +19,9 @@
 
   *Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*
 
-* When a "prompt" value is supplied to the `select_tag` helper, the "prompt" value is not escaped.  If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks.
+* When an "include_blank" value is supplied to the `select_tag` helper, the "include_blank" value is not escaped.  If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks.
   Vulnerable code will look something like this:
-    select_tag("name", options, :prompt => UNTRUSTED_INPUT)
+    select_tag("name", options, :include_blank => UNTRUSTED_INPUT)
 
   *Santiago Pastorino*
 

actionpack/test/template/form_tag_helper_test.rb

@@ -195,8 +195,8 @@ def test_select_tag_with_include_blank
     assert_dom_equal expected, actual
   end
 
-  def test_select_tag_escapes_prompt
-    actual = select_tag "places", "<option>Home</option><option>Work</option><option>Pub</option>".html_safe, :prompt => "<script>alert(1337)</script>"
+  def test_select_tag_escapes_include_blank
+    actual = select_tag "places", "<option>Home</option><option>Work</option><option>Pub</option>".html_safe, :include_blank => "<script>alert(1337)</script>"
     expected = %(<select id="places" name="places"><option value="">&lt;script&gt;alert(1337)&lt;/script&gt;</option><option>Home</option><option>Work</option><option>Pub</option></select>)
     assert_dom_equal expected, actual
   end