On Thursday 08 Aug 2002 9:29 pm, Martijn Pieters wrote: > On Thu, Aug 08, 2002 at 08:19:12PM +0100, Toby Dickenson wrote: > > > I am about to land some big changes in the way DTML deals with data > > > taken from the REQUEST object when accessed implicitly, in both the > > > Zope Trunk and the Zope 2.5 branch. > > > > In my opinion this change is completely unacceptable at this late stage > > of > > > > the release cycle. As you said: > > > These changes could potentially break existing Zope sites. > > > > The existing behavior might be flawed, but it is a flaw we have all lived > > with for a long time. In my opinion this needs: > > > > 1. To be deferred until the 2.7 cycle. > > > > 2. A detailed fishbowl proposal. > > Note that the problems fixed are potential security problems. Although we > cannot fix every site out there for sure, the fixes certainly dramatically > reduce the risks.