@@ -57,14 +57,14 @@ When using the `\Magento\Framework\Escaper` or `$escaper`:
5757** The following code sample illustrates XSS-safe output in templates:**
5858
5959``` php
60- <?php echo $block->getTitleHtml() ?>
61- <?php echo $block->getHtmlTitle() ?>
62- <?php echo $escaper->escapeHtml($block->getTitle()) ?>
63- <?php echo (int)$block->getId() ?>
64- <?php echo count($var); ?>
65- <?php echo 'some text' ?>
66- <?php echo "some text" ?>
67- <a href =" <?php echo $escaper->escapeUrl($block->getUrl()) ?>" php echo $block->getAnchorTextHtml() ?></a >
60+ <?= $block->getTitleHtml() ?>
61+ <?= $block->getHtmlTitle() ?>
62+ <?= $escaper->escapeHtml($block->getTitle()) ?>
63+ <?= (int)$block->getId() ?>
64+ <?= count($var); ?>
65+ <?= 'some text' ?>
66+ <?= "some text" ?>
67+ <a href =" <?= $escaper->escapeUrl($block->getUrl()) ?>" = $block->getAnchorTextHtml() ?></a >
6868```
6969
7070** When to use Escaper methods:**
@@ -98,10 +98,10 @@ If a tag is allowed, the following attributes will not be escaped: `id`, `class`
9898` ` , ` ` , ` ` , ` ` , ` ` , ` ` , ` ` and ` ` tags are not allowed, regardless of the content of this array.
9999
100100` ` `
101- < span class = " label" >< ? php echo $escaper- > escapeHtml ($block- > getLabel ()) ? >< / span>
101+ < span class = " label" >< ? = $escaper- > escapeHtml ($block- > getLabel ()) ? >< / span>
102102 // Escaping translation
103103 < div id= ' my-element' >
104- < ? php echo $escaper- > escapeHtml (__ (' Only registered users can write reviews. Please <a href="%1">Sign in</a> or <a href="%2">create an account</a>' - > getLoginUrl (), $block- > getCreateAccountUrl ()), [' a' ? >
104+ < ? = $escaper- > escapeHtml (__ (' Only registered users can write reviews. Please <a href="%1">Sign in</a> or <a href="%2">create an account</a>' - > getLoginUrl (), $block- > getCreateAccountUrl ()), [' a' ? >
105105 < / div>
106106` ` `
107107
0 commit comments