Generated engines should protect from forgery

Generated engines should call `protect_from_forgery`.  If this method
isn't called, then the Engine could be susceptible to XSS attacks.
Thanks @tomekr for reporting this to us!

Conflicts:
	railties/lib/rails/generators/rails/plugin/templates/app/controllers/%namespaced_name%/application_controller.rb.tt
	railties/test/generators/plugin_generator_test.rb

railties/lib/rails/generators/rails/plugin/templates/app/controllers/%name%/application_controller.rb.tt

@@ -1,4 +1,5 @@
 module <%= camelized %>
   class ApplicationController < ActionController::Base
+    protect_from_forgery :with => :exception
   end
 end