Merge remote-tracking branch '34643/patch-12' into compr_author

Indrani Sonawane · Indrani Sonawane · commit 015206dbadbf · 2024-10-17T14:12:14.000+05:30
diff --git a/app/code/Magento/Review/view/frontend/templates/helper/summary.phtml b/app/code/Magento/Review/view/frontend/templates/helper/summary.phtml
@@ -7,6 +7,7 @@
 /**
  * @var \Magento\Review\Block\Product\ReviewRenderer $block
  * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
  */
 
 $url = $block->getReviewsUrl() . '#reviews';
@@ -18,43 +19,37 @@ $urlForm = $block->getReviewsUrl() . '#review-form';
          itemtype="http://schema.org/AggregateRating">
         <?php if ($rating):?>
         <div class="rating-summary">
-             <span class="label"><span><?= $block->escapeHtml(__('Rating')) ?>:</span></span>
+             <span class="label"><span><?= $escaper->escapeHtml(__('Rating')) ?>:</span></span>
              <div class="rating-result"
-                  id="rating-result_<?= $block->escapeHtmlAttr($block->getProduct()->getId()) ?>"
-                  title="<?= $block->escapeHtmlAttr($rating) ?>%"
-             >
-                 <span>
+                  id="rating-result_<?= $escaper->escapeHtmlAttr($block->getProduct()->getId()) ?>"
+                  title="<?= $escaper->escapeHtmlAttr($rating); ?>%">
+                 <span style="width: <?= $escaper->escapeHtmlAttr($rating); ?>%;">
                      <span>
-                         <span itemprop="ratingValue"><?= $block->escapeHtml($rating); ?>
+                         <span itemprop="ratingValue"><?= $escaper->escapeHtml($rating); ?>
                          </span>% of <span itemprop="bestRating">100</span>
                      </span>
                  </span>
              </div>
          </div>
-            <?= /* @noEscape */
-            $secureRenderer->renderStyleAsTag(
-                'width:' . $block->escapeHtmlAttr($rating) . '%',
-                '#rating-result_' . $block->getProduct()->getId() . ' span'
-            ) ?>
         <?php endif;?>
         <div class="reviews-actions">
             <a class="action view"
-               href="<?= $block->escapeUrl($url) ?>">
-                <span itemprop="reviewCount"><?= $block->escapeHtml($block->getReviewsCount()) ?></span>&nbsp;
-                <span><?= ($block->getReviewsCount() == 1) ? $block->escapeHtml(__('Review')) :
-                        $block->escapeHtml(__('Reviews')) ?>
+               href="<?= $escaper->escapeUrl($url) ?>">
+                <span itemprop="reviewCount"><?= $escaper->escapeHtml($block->getReviewsCount()) ?></span>&nbsp;
+                <span><?= ($block->getReviewsCount() == 1) ? $escaper->escapeHtml(__('Review')) :
+                        $escaper->escapeHtml(__('Reviews')) ?>
                 </span>
             </a>
-            <a class="action add" href="<?= $block->escapeUrl($urlForm) ?>">
-                <?= $block->escapeHtml(__('Add Your Review')) ?>
+            <a class="action add" href="<?= $escaper->escapeUrl($urlForm) ?>">
+                <?= $escaper->escapeHtml(__('Add Your Review')) ?>
             </a>
         </div>
     </div>
 <?php elseif ($block->isReviewEnabled() && $block->getDisplayIfEmpty()): ?>
     <div class="product-reviews-summary empty">
         <div class="reviews-actions">
-            <a class="action add" href="<?= $block->escapeUrl($urlForm) ?>">
-                <?= $block->escapeHtml(__('Be the first to review this product')) ?>
+            <a class="action add" href="<?= $escaper->escapeUrl($urlForm) ?>">
+                <?= $escaper->escapeHtml(__('Be the first to review this product')) ?>
             </a>
         </div>
     </div>
diff --git a/app/code/Magento/Review/view/frontend/templates/helper/summary_short.phtml b/app/code/Magento/Review/view/frontend/templates/helper/summary_short.phtml
@@ -6,6 +6,7 @@
 
 /** @var \Magento\Review\Block\Product\ReviewRenderer $block */
 /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
+/** @var \Magento\Framework\Escaper $escaper */
 
 $url = $block->getReviewsUrl() . '#reviews';
 $urlForm = $block->getReviewsUrl() . '#review-form';
@@ -15,32 +16,30 @@ $urlForm = $block->getReviewsUrl() . '#review-form';
     <div class="product-reviews-summary short<?= !$rating ? ' no-rating' : '' ?>">
         <?php if ($rating):?>
         <div class="rating-summary">
-            <span class="label"><span><?= $block->escapeHtml(__('Rating')) ?>:</span></span>
+            <span class="label"><span><?= $escaper->escapeHtml(__('Rating')) ?>:</span></span>
             <div class="rating-result"
                  id="rating-result_<?= /* @noEscape */ $block->getProduct()->getId() ?>"
-                 title="<?= $block->escapeHtmlAttr($rating) ?>%">
-                <span><span><?= $block->escapeHtml($rating) ?>%</span></span>
+                 title="<?= $escaper->escapeHtmlAttr($rating) ?>%">
+                <span style="width: <?= $escaper->escapeHtmlAttr($rating) ?>%;">
+                    <span><?= $escaper->escapeHtml($rating) ?>%</span>
+                </span>
             </div>
-            <?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
-                'width:' . $block->escapeHtmlAttr($rating) . '%',
-                '#rating-result_' . $block->getProduct()->getId() . ' span'
-            ) ?>
         </div>
         <?php endif;?>
         <div class="reviews-actions">
             <a class="action view"
-               href="<?= $block->escapeUrl($url) ?>"><?= $block->escapeHtml($block->getReviewsCount()) ?>
+               href="<?= $escaper->escapeUrl($url) ?>"><?= $escaper->escapeHtml($block->getReviewsCount()) ?>
                 &nbsp;<span><?= ($block->getReviewsCount() == 1) ?
-                        $block->escapeHtml(__('Review')) : $block->escapeHtml(__('Reviews')) ?>
+                        $escaper->escapeHtml(__('Review')) : $escaper->escapeHtml(__('Reviews')) ?>
                 </span>
             </a>
         </div>
     </div>
 <?php elseif ($block->isReviewEnabled() && $block->getDisplayIfEmpty()): ?>
     <div class="product-reviews-summary short empty">
         <div class="reviews-actions">
-            <a class="action add" href="<?= $block->escapeUrl($urlForm) ?>">
-                <?= $block->escapeHtml(__('Be the first to review this product')) ?>
+            <a class="action add" href="<?= $escaper->escapeUrl($urlForm) ?>">
+                <?= $escaper->escapeHtml(__('Be the first to review this product')) ?>
             </a>
         </div>
     </div>
diff --git a/app/code/Magento/Review/view/frontend/templates/product/view/list.phtml b/app/code/Magento/Review/view/frontend/templates/product/view/list.phtml
@@ -49,17 +49,12 @@ $format = $block->getDateFormat() ?: \IntlDateFormatter::SHORT;
                                              title="<?= $escaper->escapeHtmlAttr($_vote->getPercent()) ?>%">
                                             <meta itemprop="worstRating" content="1"/>
                                             <meta itemprop="bestRating" content="100"/>
-                                            <span>
+                                            <span style="width: <?= $escaper->escapeHtml($_vote->getPercent()) ?>%;">
                                                 <span itemprop="ratingValue">
                                                     <?= $escaper->escapeHtml($_vote->getPercent()) ?>%
                                                 </span>
                                             </span>
                                         </div>
-                                        <?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
-                                            'width:' . $_vote->getPercent() . '%',
-                                            'div#review_' . $_review->getReviewId()
-                                            . '_vote_' . $_vote->getVoteId() . ' span'
-                                        ) ?>
                                     </div>
                                 <?php endforeach; ?>
                             </div>
diff --git a/app/code/Magento/Review/view/frontend/templates/view.phtml b/app/code/Magento/Review/view/frontend/templates/view.phtml
@@ -7,51 +7,48 @@
 /**
  * @var \Magento\Review\Block\View $block
  * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
  */
 ?>
 <?php if ($block->getProductData()->getId()): ?>
 <div class="product-review">
     <div class="page-title-wrapper">
-        <h1><?= $block->escapeHtml(__('Review Details')) ?></h1>
+        <h1><?= $escaper->escapeHtml(__('Review Details')) ?></h1>
     </div>
     <div class="product-img-box">
-        <a href="<?= $block->escapeUrl($block->getProductData()->getProductUrl()) ?>">
-            <?= $block->getImage($block->getProductData(), 'product_base_image', ['class' => 'product-image'])->toHtml()
+        <a href="<?= $escaper->escapeUrl($block->getProductData()->getProductUrl()) ?>">
+            <?= $block->getImage($block->getProductData(), 'product_base_image', [
+                'class' => 'product-image'])->toHtml()
             ?>
         </a>
         <?php if ($block->getRating() && $block->getRating()->getSize()): ?>
-            <p><?= $block->escapeHtml(__('Average Customer Rating')) ?>:</p>
+            <p><?= $escaper->escapeHtml(__('Average Customer Rating')) ?>:</p>
             <?= $block->getReviewsSummaryHtml($block->getProductData()) ?>
         <?php endif; ?>
     </div>
     <div class="details">
-        <h3 class="product-name"><?= $block->escapeHtml($block->getProductData()->getName()) ?></h3>
+        <h3 class="product-name"><?= $escaper->escapeHtml($block->getProductData()->getName()) ?></h3>
         <?php if ($block->getRating() && $block->getRating()->getSize()): ?>
-            <h4><?= $block->escapeHtml(__('Product Rating:')) ?></h4>
+            <h4><?= $escaper->escapeHtml(__('Product Rating:')) ?></h4>
             <div class="table-wrapper">
                 <table class="data-table review-summary-table">
-                    <caption class="table-caption"><?= $block->escapeHtml(__('Product Rating')) ?></caption>
+                    <caption class="table-caption"><?= $escaper->escapeHtml(__('Product Rating')) ?></caption>
                     <?php foreach ($block->getRating() as $_rating): ?>
                         <?php if ($_rating->getPercent()): ?>
                             <?php $rating = ceil($_rating->getPercent()) ?>
                             <tr>
                                 <td class="label" width="10%">
-                                    <?= $block->escapeHtml(__($_rating->getRatingCode())) ?>
+                                    <?= $escaper->escapeHtml(__($_rating->getRatingCode())) ?>
                                 </td>
                                 <td class="value">
                                     <?php $ratingId = $_rating->getRatingId() ?>
                                     <div class="rating-summary item"
-                                         id="rating-div-<?= $block->escapeHtml($ratingId) ?>">
+                                         id="rating-div-<?= $escaper->escapeHtml($ratingId) ?>">
                                         <div class="rating-result" title="<?= /* @noEscape */ $rating ?>%">
-                                            <span>
+                                            <span style="width: <?= /* @noEscape */ $rating ?>%;">
                                                 <span><?= /* @noEscape */ $rating ?>%</span>
                                             </span>
                                         </div>
-                                        <?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
-                                            "width:" . /* @noEscape */ $rating . "%",
-                                            'div#rating-div-'.$_rating->getRatingId().
-                                            '>div.rating-result>span:first-child'
-                                        ) ?>
                                     </div>
                                 </td>
                             </tr>
@@ -61,16 +58,16 @@
             </div>
         <?php endif; ?>
         <p class="date">
-            <?= $block->escapeHtml(
+            <?= $escaper->escapeHtml(
                 __('Product Review (submitted on %1):', $block->dateFormat($block->getReviewData()->getCreatedAt()))
             ) ?>
         </p>
-        <p><?= /* @noEscape */ nl2br($block->escapeHtml($block->getReviewData()->getDetail())) ?></p>
+        <p><?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getReviewData()->getDetail())) ?></p>
     </div>
     <div class="actions">
         <div class="secondary">
-            <a class="action back" href="<?= $block->escapeUrl($block->getBackUrl()) ?>">
-                <span><?= $block->escapeHtml(__('Back to Product Reviews')) ?></span>
+            <a class="action back" href="<?= $escaper->escapeUrl($block->getBackUrl()) ?>">
+                <span><?= $escaper->escapeHtml(__('Back to Product Reviews')) ?></span>
             </a>
         </div>
     </div>
