Also, one other bit of strangeness:
{| | http://a%7C
HTML output:
<table> <tr> <td>" class='external free' title="http://a|" rel="nofollow">http://a|</a> --------------------------------- Note that somewhere along the line the Parser eats the '<a href="http://a' string. Available online at http://nickj.org/MediaWiki/Parser13
Similar to the above is this: -------------------------- {| !https://%7C%7C%7C%7C%7C%7C --------------------------
Which in MediaWiki 1.6.1 also eats the "<a href" part, giving: -------------------------- <table> <tr> <th>|||||" class='external free' title="https://%7C%7C%7C%7C%7C%7C" rel="nofollow">https://</th><th></th><th></th><th></a> --------------------------
Available online at http://nickj.org/MediaWiki/Parser16 , and full list at http://nickj.org/MediaWiki
Also, I have no idea if multi-line HREF URLs should be allowed: http://nickj.org/MediaWiki/Parser20 . It passes W3C validation, but the link doesn't work (at least in Firefox), so I can't decide if it should be considered wrong or not.
I must say though, it seems to me that 1.6.1 has improved a lot on the Parser areas that could potentially have a security impact as compared to 1.5.8.
All the best, Nick.