[Zope-Coders] Towards 2.6

[Florent Guillaume]

FYI here are the things I want to fix before 2.6 (b3 or final):

- Check in something fixing i18n and Unicode handling for the cases I
  outlined recently. There is too much legacy pages that won't be able
  to use Unicode at all otherwise. See the thread at
  http://lists.zope.org/pipermail/zope-coders/2002-September/002110.html
  for details.

- Fix all the unqualified <dtml-var foo> in the code that are potential
  XSS security bugs. I have a patch that does most of it, actually that
  removes 95% of the <dtml-var foo> to replace them by &dtml-foo;, which
  is the right thing in most cases. Note that it helps auditability a
  lot to be able to grep for '<dtml-var'.

- Maybe improve Catalog speed for CMF, see
  http://lists.zope.org/pipermail/zope-coders/2002-October/002210.html
  I understand it's better to code something in a branch to get feedback
  too, I'll do that.

Florent

-- 
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 87  http://nuxeo.com  mailto:fg@nuxeo.com