HTML files uploaded to the wikis are now served as plain text, so
browsers will show the HTML source instead of interpreting it as a web
page.
This should reduce the possibility of stealing peoples' login cookies by
getting them to click on a link to an uploaded HTML file containing
javascript.
(Uploading HTML files has never been recommended. Preferably host 'live'
example HTML files on your own web site and link rather than uploading
them to the Wikipedia server.)
-- brion vibber (brion @
pobox.com)