Revert "SECURITY: Escape rawElement $content"

This reverts commit 596c2615de.

Reason for revert: This has already been fixed in
I7fe42df7b9a3fd97eaf89515b7c1afb5ae3e688c. This second patch does not
address the issue properly and causes strings to be double escaped that
should only be escaped once.

Full reasoning:
* The parameter is now marked as `@param-taint $buttonLabel exec_html`
  since the fix for T402313
* All callers outside of HTMLButtonField escape the label now
* There is another method call in HTMLButtonField, which passes the
  `buttonLabel` property to the function. This property is assigned
  in the following places:
** L63: Parsed message
** L67: String literal with a unicode character
** L69: Escaped string
** L72: Intentionally raw HTML string
** L126: `$this->getDefault()`, which will be escaped again in that line
   after this patch is reverted

Bug: T394396
Change-Id: Ifc982e93c3cf2b6658cb8943eb717cb7a2aea7f5
This commit is contained in:
SomeRandomDeveloper 2025-10-03 21:28:02 +00:00 committed by jenkins-bot
parent f5e3b15f3c
commit 0699f46299
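
The double-escaping the message describes, shown with an added stand-alone PHP model (not code from this commit or from MediaWiki). `rawElement()` below is my stand-in for `Html::rawElement()` and assumes only the behaviour relied on here: attributes are escaped, `$content` is inserted verbatim. `renderWithSinkEscape()` mirrors the reverted patch (escape at the sink), `renderWithSourceEscape()` mirrors the state after this revert (escape where the label is assigned); the function names and the sample labels are mine.

```php
<?php
// Added illustration, not MediaWiki code: why escaping the button label at
// Html::rawElement() on top of escaping at its assignment sites double-escapes.

// Stand-in for Html::rawElement(): attribute values are escaped, $content is
// trusted HTML and is inserted as-is (assumed behaviour for this demo).
function rawElement( string $tag, array $attribs, string $content ): string {
    $attrHtml = '';
    foreach ( $attribs as $name => $value ) {
        $attrHtml .= ' ' . $name . '="' . htmlspecialchars( (string)$value, ENT_QUOTES ) . '"';
    }
    return "<$tag$attrHtml>$content</$tag>";
}

// Model of the reverted patch: the default is passed through unescaped and
// the whole label is escaped once more at the sink.
function renderWithSinkEscape( ?string $buttonLabel, string $default ): string {
    $label = $buttonLabel ?: $default;
    return rawElement( 'button', [ 'class' => 'cdx-button' ], htmlspecialchars( $label ) );
}

// Model of the code after the revert: escaping happens where the label is
// assigned (getDefault() here, the callers for buttonLabel), and the sink
// inserts the label verbatim.
function renderWithSourceEscape( ?string $buttonLabel, string $default ): string {
    $label = $buttonLabel ?: htmlspecialchars( $default );
    return rawElement( 'button', [ 'class' => 'cdx-button' ], $label );
}

// Constructed inputs covering the assignment kinds the commit message lists.
$default      = 'Save & <b>close</b>';                 // untrusted plain text from getDefault()
$escapedLabel = htmlspecialchars( 'Save & close' );    // a caller that escaped once
$rawLabel     = '<span class="icon"></span>Save';      // intentionally raw HTML

// Plain-text default: escaped once in both variants.
echo renderWithSourceEscape( null, $default ), "\n";
echo renderWithSinkEscape( null, $default ), "\n";

// Caller-escaped label: the sink-escape variant escapes it a second time,
// so "&amp;" becomes "&amp;amp;" and the user sees a literal "&amp;".
echo renderWithSourceEscape( $escapedLabel, $default ), "\n";
echo renderWithSinkEscape( $escapedLabel, $default ), "\n";

// Intentionally raw HTML: the sink-escape variant turns the markup into text
// instead of rendering the icon span.
echo renderWithSourceEscape( $rawLabel, $default ), "\n";
echo renderWithSinkEscape( $rawLabel, $default ), "\n";
```

Run it with `php demo.php` and compare the pairs: the default-only case is identical, while the pre-escaped and the intentionally raw labels are mangled by the sink-side escape. The model also makes the contract explicit: once the sink inserts verbatim, every assignment of `buttonLabel` has to escape (or deliberately produce HTML), which is what the list in the commit message is checking.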


@ -121,7 +121,7 @@ class HTMLButtonField extends HTMLFormField {
public function getInputCodex( $value, $hasErrors ) {
$flags = $this->mFlags;
$buttonLabel = $this->buttonLabel ?: $this->getDefault();
$buttonLabel = $this->buttonLabel ?: htmlspecialchars( $this->getDefault() );
$buttonClasses = [ 'mw-htmlform-submit', 'cdx-button', $this->mClass ];
$buttonAttribs = [
'class' => $buttonClasses,
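Review bot: in the `$buttonLabel = $this->buttonLabel ?: htmlspecialchars( $this->getDefault() );` assignment, `htmlspecialchars()` is restored only on the `getDefault()` branch, so the method itself enforces nothing about `$this->buttonLabel`; since the sink below inserts the value without escaping, a one-line comment here stating that `buttonLabel` must be escaped, or deliberately raw HTML, at every assignment site would keep a future assignment from silently reintroducing unescaped text.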
@ -171,7 +171,7 @@ class HTMLButtonField extends HTMLFormField {
$attribs['class'] = $buttonClassesAndFlags;
$buttonHtml = Html::rawElement(
'button', $attribs, htmlspecialchars( $buttonLabel )
'button', $attribs, $buttonLabel
);
return $buttonHtml;
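Review bot: `Html::rawElement( 'button', $attribs, $buttonLabel )` now receives the label unescaped, so this sink is safe only while every assignment of `$this->buttonLabel` (parsed message, literal, escaped string, intentionally raw HTML per the commit message) keeps escaping at the source; the `@param-taint $buttonLabel exec_html` annotation the message cites covers the parameter path, but nothing visible in this hunk documents the property path, so a comment at the call such as `// $buttonLabel is escaped or deliberately raw HTML where it is assigned` would record the contract. Minor: `$buttonHtml` is assigned and immediately returned, so `return Html::rawElement( ... );` would do, though that is outside the reverted lines.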