On 11/24/2010 02:19 PM, Thomas Mortagne wrote: > Hi devs, > > $xwiki.parseMessage is used to parse velocity located in a translation > message. > > Thing it for me it's very bad (bad design and very bad for > performances and most of all for security) to have velocity in > translation messages which makes $xwiki.parseMessage useless and some > other would say a security hole (see > http://jira.xwiki.org/jira/browse/XWIKI-5684). > > So I propose to deprecate it in 2.7 to make sure we don't use that anymore. > > WDYT ? >
+1. -- Sergiu Dumitriu http://purl.org/net/sergiu/ _______________________________________________ devs mailing list devs@xwiki.org http://lists.xwiki.org/mailman/listinfo/devs
