Merge pull request #19 from magento-amigos/2.4-develop-prs-patch-8

ishakhsuvarov · web-flow · commit 6cc5765f2541 · 2022-08-17T08:07:15.000-05:00
[Amigos] Community Contributions – Patch 8
diff --git a/app/code/Magento/Theme/Block/Html/Header.php b/app/code/Magento/Theme/Block/Html/Header.php
@@ -6,6 +6,8 @@
 
 namespace Magento\Theme\Block\Html;
 
+use Magento\Framework\Escaper;
+
 /**
  * Html page header block
  *
@@ -14,6 +16,27 @@
  */
 class Header extends \Magento\Framework\View\Element\Template
 {
+    /**
+     * @var Escaper
+     */
+    private $escaper;
+
+    /**
+     * Constructor
+     *
+     * @param \Magento\Framework\View\Element\Template\Context $context
+     * @param Magento\Framework\Escaper $escaper
+     * @param array $data
+     */
+    public function __construct(
+        \Magento\Framework\View\Element\Template\Context $context,
+        \Magento\Framework\Escaper $escaper,
+        array $data = []
+    ) {
+        $this->escaper = $escaper;
+        parent::__construct($context, $data);
+    }
+
     /**
      * Current template name
      *
@@ -34,6 +57,7 @@ public function getWelcome()
                 \Magento\Store\Model\ScopeInterface::SCOPE_STORE
             );
         }
+        $this->_data['welcome'] =  $this->escaper->escapeQuote($this->_data['welcome'], true);
         return __($this->_data['welcome']);
     }
 }
diff --git a/app/code/Magento/Theme/Test/Unit/Block/Html/HeaderTest.php b/app/code/Magento/Theme/Test/Unit/Block/Html/HeaderTest.php
@@ -14,6 +14,7 @@
 use Magento\Theme\Block\Html\Header;
 use PHPUnit\Framework\MockObject\MockObject;
 use PHPUnit\Framework\TestCase;
+use Magento\Framework\Escaper;
 
 class HeaderTest extends TestCase
 {
@@ -27,6 +28,11 @@ class HeaderTest extends TestCase
      */
     protected $scopeConfig;
 
+    /**
+     * @var Escaper|MockObject
+     */
+    private $escaper;
+
     protected function setUp(): void
     {
         $context = $this->getMockBuilder(Context::class)
@@ -38,10 +44,13 @@ protected function setUp(): void
             ->disableOriginalConstructor()
             ->getMock();
         $context->expects($this->once())->method('getScopeConfig')->willReturn($this->scopeConfig);
-
+        $this->escaper = $this->createPartialMock(Escaper::class, ['escapeQuote']);
         $this->unit = (new ObjectManager($this))->getObject(
             Header::class,
-            ['context' => $context]
+            [
+               'context' => $context,
+               'escaper' => $this->escaper
+            ]
         );
     }
 
@@ -51,6 +60,11 @@ public function testGetWelcomeDefault()
             ->with('design/header/welcome', ScopeInterface::SCOPE_STORE)
             ->willReturn('Welcome Message');
 
+        $this->escaper->expects($this->once())
+            ->method('escapeQuote')
+            ->with('Welcome Message', true)
+            ->willReturn('Welcome Message');
+
         $this->assertEquals('Welcome Message', $this->unit->getWelcome());
     }
 }
diff --git a/app/code/Magento/Theme/view/frontend/templates/html/header.phtml b/app/code/Magento/Theme/view/frontend/templates/html/header.phtml
@@ -10,32 +10,34 @@
  */
 $welcomeMessage = $block->getWelcome();
 ?>
-<?php if ($block->getShowPart() == 'welcome') : ?>
+<?php if ($block->getShowPart() == 'welcome'): ?>
     <li class="greet welcome" data-bind="scope: 'customer'">
         <!-- ko if: customer().fullname  -->
         <span class="logged-in"
-              data-bind="text: new String('<?= $escaper->escapeHtml(__('Welcome, %1!', '%1')) ?>').replace('%1', customer().fullname)">
+              data-bind="text: new String('<?= $escaper->escapeHtml(__('Welcome, %1!', '%1')) ?>').
+              replace('%1', customer().fullname)">
         </span>
         <!-- /ko -->
         <!-- ko ifnot: customer().fullname  -->
         <span class="not-logged-in"
-              data-bind="html: '<?= $escaper->escapeHtmlAttr($welcomeMessage) ?>'"></span>
+              data-bind="text: '<?= $escaper->escapeHtml($welcomeMessage) ?>'"></span>
         <?= $block->getBlockHtml('header.additional') ?>
         <!-- /ko -->
     </li>
+    <?php // phpcs:ignore Magento2.Legacy.PhtmlTemplate ?>
     <script type="text/x-magento-init">
-    {
-        "*": {
-            "Magento_Ui/js/core/app": {
-                "components": {
-                    "customer": {
-                        "component": "Magento_Customer/js/view/customer"
+        {
+            "*": {
+                "Magento_Ui/js/core/app": {
+                    "components": {
+                        "customer": {
+                            "component": "Magento_Customer/js/view/customer"
+                        }
                     }
                 }
             }
         }
-    }
     </script>
-<?php elseif ($block->getShowPart() == 'other') :?>
+<?php elseif ($block->getShowPart() == 'other'): ?>
     <?= $block->getChildHtml() ?>
 <?php endif ?>
diff --git a/app/code/Magento/Translation/Model/Inline/Parser.php b/app/code/Magento/Translation/Model/Inline/Parser.php
@@ -719,7 +719,6 @@ private function _otherText()
                 ],
                 JSON_HEX_QUOT
             );
-
             $spanHtml = $this->_getDataTranslateSpan(
                 '[' . $this->escaper->escapeHtmlAttr($translateProperties) . ']',
                 $matches[1][0]
