merge magento-commerce/2.4-develop into magento-tsg/2.4-develop-pr135

Author: magento-mts-svc

app/code/Magento/Cookie/view/base/web/js/jquery.storageapi.extended.js

@@ -16,9 +16,11 @@ define([
      * @private
      */
     function _extend(storage) {
+        var cookiesConfig = window.cookiesConfig || {};
+
         $.extend(storage, {
-            _secure: window.cookiesConfig ? window.cookiesConfig.secure : false,
-            _samesite: window.cookiesConfig ? window.cookiesConfig.samesite : 'lax',
+            _secure: !!cookiesConfig.secure,
+            _samesite: cookiesConfig.samesite ? cookiesConfig.samesite : 'lax',
 
             /**
              * Set value under name

app/code/Magento/MediaGalleryUi/view/adminhtml/web/js/validation/validate-image-description.js

@@ -12,7 +12,7 @@ define([
 
     $.validator.addMethod(
         'validate-image-description', function (value) {
-            return /^[a-zA-Z0-9\-\_\.\,\n\ ]+$|^$/i.test(value);
+            return /^[a-zA-Z0-9\-\_\.\,\n\s]+$|^$/i.test(value);
 
         }, $.mage.__('Please use only letters (a-z or A-Z), numbers (0-9), ' +
             'dots (.), commas(,), underscores (_), dashes (-), and spaces on this field.'));

app/code/Magento/MediaGalleryUi/view/adminhtml/web/js/validation/validate-image-title.js

@@ -12,7 +12,7 @@ define([
 
     $.validator.addMethod(
         'validate-image-title', function (value) {
-            return /^[a-zA-Z0-9\-\_\.\,\ ]+$/i.test(value);
+            return /^[a-zA-Z0-9\-\_\.\,\s]+$/i.test(value);
 
         }, $.mage.__('Please use only letters (a-z or A-Z), numbers (0-9), dots (.), commas(,), ' +
             'underscores (_), dashes(-) and spaces on this field.'));

app/code/Magento/PageCache/view/frontend/web/js/form-key-provider.js

@@ -18,13 +18,16 @@ define(function () {
             var expires,
                 secure,
                 date = new Date(),
-                isSecure = !!window.cookiesConfig && window.cookiesConfig.secure;
+                cookiesConfig = window.cookiesConfig || {},
+                isSecure = !!cookiesConfig.secure,
+                samesite = cookiesConfig.samesite || 'lax';
 
             date.setTime(date.getTime() + 86400000);
             expires = '; expires=' + date.toUTCString();
             secure = isSecure ? '; secure' : '';
+            samesite = '; samesite=' + samesite;
 
-            document.cookie = 'form_key=' + (value || '') + expires + secure + '; path=/';
+            document.cookie = 'form_key=' + (value || '') + expires + secure + '; path=/' + samesite;
         }
 
         /**

app/code/Magento/Sales/view/adminhtml/templates/order/create/shipping/method/form.phtml

@@ -38,11 +38,6 @@ $taxHelper = $block->getData('taxHelper');
                                 value="<?= $block->escapeHtmlAttr($_code) ?>"
                                 id="s_method_<?= $block->escapeHtmlAttr($_code) ?>" <?= /* @noEscape */ $_checked ?>
                                 class="admin__control-radio required-entry"/>
-                            <?= /* @noEscape */ $secureRenderer->renderEventListenerAsTag(
-                                'onclick',
-                                "order.setShippingMethod(this.value)",
-                                'input#s_method_' . $block->escapeHtmlAttr($_code)
-                            ) ?>
                             <label class="admin__field-label" for="s_method_<?= $block->escapeHtmlAttr($_code) ?>">
                                 <?= $block->escapeHtml($_rate->getMethodTitle() ?
                                     $_rate->getMethodTitle() : $_rate->getMethodDescription()) ?> -
@@ -59,6 +54,11 @@ $taxHelper = $block->getData('taxHelper');
                                     <?php endif; ?>
                                 </strong>
                             </label>
+                            <?= /* @noEscape */ $secureRenderer->renderEventListenerAsTag(
+                                'onclick',
+                                "order.setShippingMethod(this.value)",
+                                'input#s_method_' . $block->escapeHtmlAttr($_code)
+                            ) ?>
                         <?php endif; ?>
                     </li>
                 <?php endforeach; ?>

lib/web/jquery/jquery.cookie.js

@@ -47,7 +47,7 @@
                 options.path    ? '; path=' + options.path : '',
                 options.domain  ? '; domain=' + options.domain : '',
                 options.secure  ? '; secure' : '',
-                options.samesite  ? '; samesite=' + options.samesite : 'lax',
+                '; samesite=' + (options.samesite ? options.samesite : 'lax'),
             ].join(''));
         }
 

lib/web/mage/adminhtml/tools.js

@@ -267,7 +267,7 @@ var Cookie = {
 
         return null;
     },
-    write: function (cookieName, cookieValue, cookieLifeTime) {
+    write: function (cookieName, cookieValue, cookieLifeTime, samesite) {
         var expires = '';
 
         if (cookieLifeTime) {
@@ -278,7 +278,9 @@ var Cookie = {
         }
         var urlPath = '/' + BASE_URL.split('/').slice(3).join('/'); // Get relative path
 
-        document.cookie = escape(cookieName) + '=' + escape(cookieValue) + expires + '; path=' + urlPath;
+        samesite = '; samesite=' + (samesite ? samesite : 'lax');
+
+        document.cookie = escape(cookieName) + '=' + escape(cookieValue) + expires + '; path=' + urlPath + samesite;
     },
     clear: function (cookieName) {
         this.write(cookieName, '', -1);

lib/web/mage/cookies.js

@@ -76,7 +76,7 @@ define([
                 (path ? '; path=' + path : '') +
                 (domain ? '; domain=' + domain : '') +
                 (secure ? '; secure' : '') +
-                (samesite ? '; samesite=' + samesite : 'lax');
+                '; samesite=' + (samesite ? samesite : 'lax');
         };
 
         /**