For memory, eZ uses XHTML 1.0 transitional as DOCTYPE (at least for ezwebin, I guess it's the same doctype for ezflow or standard)
As a result, all css or js code should be wrapped with <![CDATA[ .... ]]>, in order to be sure to validate according to http://validator.w3.org, whatever the css or js code contains
Good point, ezjscore (in its latest version) wraps inline js code with cdata
In fact the symbol < and & will make the page NOT validate if not wrapped with CDATA, which may occur often.
For a test, you can try with the following code:
And if you delete at least one CDATA, the page won't validate anymore.
=> Maybe you could consider scanning the .tpl files, looking for css/js inline code, and wrap the content with cdata ?
In attachment a quick scan.php that highlights files that contain js/css code not wrapped.
You can change the define at the start of the file to accept <!-- ... //--> as valid js wrapper, but CDATA should really be used instead...