MC-18467: [Incorrect Escaping] Add proper escaping to translation phrases marked with @NoEscape tag

Author: zakdma

app/code/Magento/Bundle/view/frontend/templates/catalog/product/view/type/bundle/options.phtml

@@ -26,7 +26,7 @@ $options = $block->decorateArray($block->getOptions($stripSelection));
 </script>
         <fieldset class="fieldset fieldset-bundle-options">
             <legend id="customizeTitle" class="legend title">
-                <span><?=/* @noEscape */ __('Customize %1', $helper->productAttribute($product, $product->getName(), 'name')) ?></span>
+                <span><?= $block->escapeHtml(__('Customize %1', $helper->productAttribute($product, $product->getName(), 'name'))) ?></span>
             </legend><br />
             <?= $block->getChildHtml('product_info_bundle_options_top') ?>
             <?php foreach ($options as $option) : ?>

app/code/Magento/Catalog/view/frontend/templates/product/gallery.phtml

@@ -37,7 +37,7 @@
          id="product-gallery-image"
          class="image"
          data-mage-init='{"catalogGallery":{}}'/>
-    <div class="buttons-set"><a href="#" class="button" role="close-window"><span><?= /* @noEscape */ __('Close Window') ?></span></a></div>
+    <div class="buttons-set"><a href="#" class="button" role="close-window"><span><?= $block->escapeHtml(__('Close Window')) ?></span></a></div>
     <?php if ($block->getPreviousImageUrl() || $block->getNextImageUrl()) :?>
         <div class="nav">
             <?php if ($_prevUrl = $block->getPreviousImageUrl()) :?>

app/code/Magento/Downloadable/view/adminhtml/templates/product/edit/downloadable.phtml

@@ -208,7 +208,7 @@ var uploaderTemplate = '<div class="no-display" id="[[idName]]-template">' +
     <input type="checkbox" data-action="change-type-product-downloadable"  class="admin__control-checkbox"
            name="is_downloadable" id="is-downloaodable" <?= $block->isDownloadable() ? 'checked="checked"' : ''?> />
     <label class="admin__field-label" for="is-downloaodable">
-        <span><?= /* @noEscape */ __('Is this a downloadable Product?'); ?></span>
+        <span><?= $block->escapeHtml(__('Is this a downloadable Product?')); ?></span>
     </label>
 </div>
 <div class="entry-edit" id="product_info_tabs_downloadable_items">

app/code/Magento/Downloadable/view/adminhtml/templates/product/edit/downloadable/samples.phtml

@@ -49,7 +49,7 @@ $block->getConfigJson();
                 </table>
             </div>
             <div class="admin__field-note">
-                <?= /* @noEscape */ __('Alphanumeric, dash and underscore characters are recommended for filenames. Improper characters are replaced with \'_\'.') ?>
+                <?= $block->escapeHtml(__('Alphanumeric, dash and underscore characters are recommended for filenames. Improper characters are replaced with \'_\'.')) ?>
             </div>
         </div>
     </div>

app/code/Magento/Vault/view/frontend/templates/cards_list.phtml

@@ -11,12 +11,12 @@ $tokens = $block->getPaymentTokens();
 <?php if (count($tokens) !== 0): ?>
     <div class="table-wrapper my-credit-cards">
         <table class="data table table-credit-cards" id="my-orders-table">
-            <caption class="table-caption"><?= /* @noEscape */ __('Stored Payment Methods') ?></caption>
+            <caption class="table-caption"><?= $block->escapeHtml(__('Stored Payment Methods')) ?></caption>
             <thead>
             <tr>
-                <th scope="col" class="col card-number"><?= /* @noEscape */ __('Card Number') ?></th>
-                <th scope="col" class="col expire"><?= /* @noEscape */ __('Expiration Date') ?></th>
-                <th scope="col" class="col card-type"><?= /* @noEscape */ __('Type') ?></th>
+                <th scope="col" class="col card-number"><?= $block->escapeHtml(__('Card Number')) ?></th>
+                <th scope="col" class="col expire"><?= $block->escapeHtml(__('Expiration Date')) ?></th>
+                <th scope="col" class="col card-type"><?= $block->escapeHtml(__('Type')) ?></th>
                 <th scope="col" class="col actions">&nbsp;</th>
             </tr>
             </thead>
@@ -31,5 +31,5 @@ $tokens = $block->getPaymentTokens();
     </div>
 
 <?php elseif (!$block->isExistsCustomerTokens()): ?>
-    <div class="message info empty"><span><?= /* @noEscape */ __('You have no stored payment methods.') ?></span></div>
+    <div class="message info empty"><span><?= $block->escapeHtml(__('You have no stored payment methods.')) ?></span></div>
 <?php endif ?>