HTML-based questions (e.g. images) will not work well with QuestyCaptcha on MediaWiki 1.27 due to an unexcepted HTML escape. This commit fixes the issue by declaring raw HTML form mode, just like MathCaptcha.
Yes, it should allow HTML in questions. QuestyCaptcha doesn't declare the capability of RAW HTML output, but prior to 1.27 HTML-based question works. In MediaWiki 1.27+, QuestyCaptcha with HTML-based questions fails to present excepted HTML content in user registration page as it is force escaped (please see the screenshot below). AFAIK, it still works on other pages (e.g. edit page)
I believe more than one MediaWiki sites, including https://zh.moegirl.org (Moegirlpedia) utilize HTML-based questions in production, a discussion thread called Allow HTML in $wgCaptchaQuestions at https://www.mediawiki.org/wiki/Extension_talk:ConfirmEdit can prove that.
This changeset addresses the issue by declaring RAW HTML output capability in captchaInfo form descriptor and correcting MIME type to text/html in captcha metadata. Other ConfirmEdit captcha providers, for instance, MathCaptcha, has already declared RAW HTML output and correct MIME type (text/html) in its form descriptor and metadata. (https://github.com/wikimedia/mediawiki-extensions-ConfirmEdit/blob/master/MathCaptcha/MathCaptcha.class.php, Line 85 and Line 24)
Bingxing Wang (Ben)
Ok, thanks for clarification! As HTML was allowed in REL1_26 and earlier, I merged the change (even if I think, that a question shouldn't contain HTML, but ok :)) to restrore the status quo :) Thanks for reporting this and submitting a patch!