MC-16877: Eliminate @escapeNotVerified in Catalog Inventory Modules

Hwashiang Yu · Hwashiang Yu · commit 63f072054141 · 2019-05-23T10:29:50.000-05:00
- Resolved incorrect escapes
diff --git a/app/code/Magento/CatalogInventory/view/frontend/templates/qtyincrements.phtml b/app/code/Magento/CatalogInventory/view/frontend/templates/qtyincrements.phtml
@@ -10,6 +10,6 @@
 ?>
 <?php if ($block->getProductQtyIncrements()) : ?>
     <div class="product pricing">
-        <?= /* @noEscape */ __('%1 is available to buy in increments of %2', $block->escapeHtml($block->getProductName()), $block->escapeHtml($block->getProductQtyIncrements())) ?>
+        <?= $block->escapeHtml(__('%1 is available to buy in increments of %2', $block->getProductName(), $block->getProductQtyIncrements())) ?>
     </div>
 <?php endif ?>
diff --git a/app/code/Magento/CatalogInventory/view/frontend/templates/stockqty/composite.phtml b/app/code/Magento/CatalogInventory/view/frontend/templates/stockqty/composite.phtml
@@ -13,9 +13,9 @@
         <a href="#"
            data-mage-init='{"toggleAdvanced": {"selectorsToggleClass": "active", "baseToggleClass": "expanded", "toggleContainers": "#<?= $block->escapeHtmlAttr($block->getDetailsPlaceholderId()) ?>"}}'
            id="<?= $block->escapeHtmlAttr($block->getPlaceholderId()) ?>"
-           title="<?= /* @noEscape */ __('Only %1 left', ($block->escapeHtmlAttr($block->getStockQtyLeft()))) ?>"
+           title="<?= $block->escapeHtmlAttr(__('Only %1 left', ($block->getStockQtyLeft()))) ?>"
            class="action show">
-            <?= /* @noEscape */ __('Only %1 left', "<strong>{$block->escapeHtml($block->getStockQtyLeft())}</strong>") ?>
+            <?= $block->escapeHtml(__('Only %1 left', "<strong>{$block->getStockQtyLeft()}</strong>")) ?>
         </a>
     </div>
     <div class="availability only detailed" id="<?= $block->escapeHtmlAttr($block->getDetailsPlaceholderId()) ?>">
@@ -33,8 +33,8 @@
                     <?php $childProductStockQty = $block->getProductStockQty($childProduct); ?>
                     <?php if ($childProductStockQty > 0) : ?>
                         <tr>
-                            <td data-th="<?= $block->escapeHtml(__('Product Name')) ?>" class="col item"><?= $block->escapeHtml($childProduct->getName()) ?></td>
-                            <td data-th="<?= $block->escapeHtml(__('Qty')) ?>" class="col qty"><?= $block->escapeHtml($childProductStockQty) ?></td>
+                            <td data-th="<?= $block->escapeHtmlAttr(__('Product Name')) ?>" class="col item"><?= $block->escapeHtml($childProduct->getName()) ?></td>
+                            <td data-th="<?= $block->escapeHtmlAttr(__('Qty')) ?>" class="col qty"><?= $block->escapeHtml($childProductStockQty) ?></td>
                         </tr>
                     <?php endif ?>
                 <?php endforeach ?>
diff --git a/app/code/Magento/CatalogInventory/view/frontend/templates/stockqty/default.phtml b/app/code/Magento/CatalogInventory/view/frontend/templates/stockqty/default.phtml
@@ -9,7 +9,7 @@
  */
 ?>
 <?php if ($block->isMsgVisible()) : ?>
-    <div class="availability only" title="<?= /* @noEscape */ __('Only %1 left', ($block->escapeHtmlAttr($block->getStockQtyLeft()))) ?>">
-        <?= /* @noEscape */ __('Only %1 left', "<strong>{$block->escapeHtml($block->getStockQtyLeft())}</strong>") ?>
+    <div class="availability only" title="<?= $block->escapeHtmlAttr(__('Only %1 left', ($block->getStockQtyLeft()))) ?>">
+        <?= $block->escapeHtml(__('Only %1 left', "<strong>{$block->getStockQtyLeft()}</strong>")) ?>
     </div>
 <?php endif ?>
