magento
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/items/price/row.phtml
Lines changed: 4 additions & 7 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/items/price/row.phtml
Lines changed: 4 additions & 7 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/items/price/total.phtml
Lines changed: 1 addition & 4 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/items/price/total.phtml
Lines changed: 1 addition & 4 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/items/price/unit.phtml
Lines changed: 4 additions & 7 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/items/price/unit.phtml
Lines changed: 4 additions & 7 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/order/create/items/price/row.phtml
Lines changed: 4 additions & 7 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/order/create/items/price/row.phtml
Lines changed: 4 additions & 7 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/order/create/items/price/total.phtml
Lines changed: 4 additions & 7 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/order/create/items/price/total.phtml
Lines changed: 4 additions & 7 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/order/create/items/price/unit.phtml
Lines changed: 4 additions & 7 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/order/create/items/price/unit.phtml
Lines changed: 4 additions & 7 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/rate/form.phtml
Lines changed: 0 additions & 3 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/rate/form.phtml
Lines changed: 0 additions & 3 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/rate/js.phtml
Lines changed: 1 addition & 4 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/rate/js.phtml
Lines changed: 1 addition & 4 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/rate/title.phtml
Lines changed: 7 additions & 8 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/rate/title.phtml
Lines changed: 7 additions & 8 deletions
diff --git a/‎app/code/Magento/Tax/view/adminhtml/templates/rule/edit.phtml
Lines changed: 15 additions & 17 deletions b/‎app/code/Magento/Tax/view/adminhtml/templates/rule/edit.phtml
Lines changed: 15 additions & 17 deletions
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php
 /** @var \Magento\Tax\Block\Adminhtml\Items\Price\Renderer $block */
@@ -16,18 +13,18 @@ $_item = $block->getItem();
 <?php if ($block->displayBothPrices() || $block->displayPriceExclTax()): ?>
     <div class="price-excl-tax">
         <?php if ($block->displayBothPrices()): ?>
-            <span class="label"><?= /* @escapeNotVerified */ __('Excl. Tax') ?>:</span>
+            <span class="label"><?= $block->escapeHtml(__('Excl. Tax')) ?>:</span>
         <?php endif; ?>
-        <?= /* @escapeNotVerified */ $block->displayPrices($_item->getBaseRowTotal(), $_item->getRowTotal()) ?>
+        <?= /* @noEscape */ $block->displayPrices($_item->getBaseRowTotal(), $_item->getRowTotal()) ?>
     </div>
 <?php endif; ?>
 <?php if ($block->displayBothPrices() || $block->displayPriceInclTax()): ?>
     <div class="price-incl-tax">
         <?php if ($block->displayBothPrices()): ?>
-            <span class="label"><?= /* @escapeNotVerified */ __('Incl. Tax') ?>:</span>
+            <span class="label"><?= $block->escapeHtml(('Incl. Tax')) ?>:</span>
         <?php endif; ?>
         <?php $_incl = $this->helper('Magento\Checkout\Helper\Data')->getSubtotalInclTax($_item); ?>
         <?php $_baseIncl = $this->helper('Magento\Checkout\Helper\Data')->getBaseSubtotalInclTax($_item); ?>
-        <?= /* @escapeNotVerified */ $block->displayPrices($_baseIncl, $_incl) ?>
+        <?= /* @noEscape */ $block->displayPrices($_baseIncl, $_incl) ?>
     </div>
 <?php endif; ?>
@@ -3,14 +3,11 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php
 /** @var \Magento\Tax\Block\Adminhtml\Items\Price\Renderer $block */
 
 $_item = $block->getItem();
 ?>
 
-<?= /* @escapeNotVerified */ $block->displayPrices($block->getBaseTotalAmount($_item), $block->getTotalAmount($_item)) ?>
+<?= /* @noEscape */ $block->displayPrices($block->getBaseTotalAmount($_item), $block->getTotalAmount($_item)) ?>
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php
 /** @var \Magento\Tax\Block\Adminhtml\Items\Price\Renderer $block */
@@ -16,21 +13,21 @@ $_item = $block->getItem();
 <?php if ($this->helper('Magento\Tax\Helper\Data')->displaySalesBothPrices() || $this->helper('Magento\Tax\Helper\Data')->displaySalesPriceExclTax()): ?>
     <div class="price-excl-tax">
         <?php if ($this->helper('Magento\Tax\Helper\Data')->displaySalesBothPrices()): ?>
-            <span class="label"><?= /* @escapeNotVerified */ __('Excl. Tax') ?>:</span>
+            <span class="label"><?= $block->escapeHtml(__('Excl. Tax')) ?>:</span>
         <?php endif; ?>
 
-        <?= /* @escapeNotVerified */ $block->displayPrices($_item->getBasePrice(), $_item->getPrice()) ?>
+        <?= /* @noEscape */ $block->displayPrices($_item->getBasePrice(), $_item->getPrice()) ?>
     </div>
 <?php endif; ?>
 <?php if ($this->helper('Magento\Tax\Helper\Data')->displaySalesBothPrices() || $this->helper('Magento\Tax\Helper\Data')->displaySalesPriceInclTax()): ?>
     <div class="price-incl-tax">
         <?php if ($this->helper('Magento\Tax\Helper\Data')->displaySalesBothPrices()): ?>
-            <span class="label"><?= /* @escapeNotVerified */ __('Incl. Tax') ?>:</span>
+            <span class="label"><?= $block->escapeHtml(__('Incl. Tax')) ?>:</span>
         <?php endif; ?>
         <?php $_incl = $this->helper('Magento\Checkout\Helper\Data')->getPriceInclTax($_item); ?>
         <?php $_baseIncl = $this->helper('Magento\Checkout\Helper\Data')->getBasePriceInclTax($_item); ?>
 
-        <?= /* @escapeNotVerified */ $block->displayPrices($_baseIncl, $_incl) ?>
+        <?= /* @noEscape */ $block->displayPrices($_baseIncl, $_incl) ?>
 
     </div>
 <?php endif; ?>
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php
 /** @var \Magento\Tax\Block\Adminhtml\Items\Price\Renderer $block */
@@ -15,15 +12,15 @@ $_item = $block->getItem();
 
 <?php if ($block->displayPriceExclTax() || $block->displayBothPrices()): ?>
     <?php if ($block->displayBothPrices($block->getStore())): ?>
-        <span class="label"><?= /* @escapeNotVerified */ __('Excl. Tax') ?>:</span>
+        <span class="label"><?= $block->escapeHtml(__('Excl. Tax')) ?>:</span>
     <?php endif; ?>
-    <?= /* @escapeNotVerified */ $block->formatPrice($_item->getRowTotal()) ?>
+    <?= /* @noEscape */ $block->formatPrice($_item->getRowTotal()) ?>
 <?php endif; ?>
 
 <?php if ($block->displayPriceInclTax() || $block->displayBothPrices()): ?>
     <?php if ($block->displayBothPrices()): ?>
-        <br /><span class="label"><?= /* @escapeNotVerified */ __('Incl. Tax') ?>:</span>
+        <br /><span class="label"><?= $block->escapeHtml(__('Incl. Tax')) ?>:</span>
     <?php endif; ?>
     <?php $_incl = $this->helper('Magento\Checkout\Helper\Data')->getSubtotalInclTax($_item); ?>
-    <?= /* @escapeNotVerified */ $block->formatPrice($_incl) ?>
+    <?= /* @noEscape */ $block->formatPrice($_incl) ?>
 <?php endif; ?>
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php
 /** @var \Magento\Tax\Block\Adminhtml\Items\Price\Renderer $block */
@@ -16,16 +13,16 @@ $_item = $block->getItem();
 <?php if ($block->displayPriceExclTax() || $block->displayBothPrices()): ?>
     <?php $_rowTotalWithoutDiscount = $_item->getRowTotal() - $_item->getTotalDiscountAmount(); ?>
     <?php if ($block->displayBothPrices()): ?>
-        <span class="label"><?= /* @escapeNotVerified */ __('Excl. Tax') ?>:</span>
+        <span class="label"><?= $block->escapeHtml(__('Excl. Tax')) ?>:</span>
     <?php endif; ?>
-    <?= /* @escapeNotVerified */ $block->formatPrice(max(0, $_rowTotalWithoutDiscount)) ?>
+    <?= /* @noEscape */ $block->formatPrice(max(0, $_rowTotalWithoutDiscount)) ?>
 <?php endif; ?>
 
 
 <?php if ($block->displayPriceInclTax() || $block->displayBothPrices()): ?>
     <?php if ($block->displayBothPrices($block->getStore())): ?>
-        <br /><span class="label"><?= /* @escapeNotVerified */ __('Incl. Tax') ?>:</span>
+        <br /><span class="label"><?= $block->escapeHtml(__('Incl. Tax')) ?>:</span>
     <?php endif; ?>
     <?php $_incl = $block->getTotalAmount($_item); ?>
-    <?= /* @escapeNotVerified */ $block->formatPrice($_incl) ?>
+    <?= /* @noEscape */ $block->formatPrice($_incl) ?>
 <?php endif; ?>
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php
 /** @var \Magento\Tax\Block\Adminhtml\Items\Price\Renderer $block */
@@ -15,16 +12,16 @@ $_item = $block->getItem();
 
 <?php if ($block->displayPriceExclTax() || $block->displayBothPrices()): ?>
     <?php if ($block->displayBothPrices()): ?>
-        <span class="label"><?= /* @escapeNotVerified */ __('Excl. Tax') ?>:</span>
+        <span class="label"><?= $block->escapeHtml(__('Excl. Tax')) ?>:</span>
     <?php endif; ?>
-    <?= /* @escapeNotVerified */ $block->formatPrice($_item->getCalculationPrice()) ?>
+    <?= /* @noEscape */ $block->formatPrice($_item->getCalculationPrice()) ?>
 <?php endif; ?>
 
 
 <?php if ($block->displayPriceInclTax() || $block->displayBothPrices()): ?>
     <?php if ($block->displayBothPrices()): ?>
-        <br /><span class="label"><?= /* @escapeNotVerified */ __('Incl. Tax') ?>:</span>
+        <br /><span class="label"><?= $block->escapeHtml(__('Incl. Tax')) ?>:</span>
     <?php endif; ?>
     <?php $_incl = $this->helper('Magento\Checkout\Helper\Data')->getPriceInclTax($_item); ?>
-    <?= /* @escapeNotVerified */ $block->formatPrice($_incl) ?>
+    <?= /* @noEscape */ $block->formatPrice($_incl) ?>
 <?php endif; ?>
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <div class="entry-edit form-inline">
     <?= $block->getFormHtml() ?>
 
@@ -3,17 +3,14 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <script>
 require([
     "jquery",
     "mage/adminhtml/form"
 ], function(jQuery){
 
-    var updater = new RegionUpdater('tax_country_id', 'tax_region', 'tax_region_id', <?= /* @escapeNotVerified */ $this->helper('Magento\Directory\Helper\Data')->getRegionJson() ?>, 'disable');
+    var updater = new RegionUpdater('tax_country_id', 'tax_region', 'tax_region_id', <?= /* @noEscape */ $this->helper('Magento\Directory\Helper\Data')->getRegionJson() ?>, 'disable');
     updater.disableRegionValidation();
 
     (function ($) {
 
@@ -3,30 +3,29 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <fieldset id="tax-rate-titles-table" class="admin__fieldset">
     <?php $_labels = $block->getTitles() ?>
     <?php foreach ($block->getStores() as $_store): ?>
         <div class="admin__field">
-            <label class="admin__field-label"><span><?= /* @escapeNotVerified */ $_store->getName() ?></span></label>
+            <label class="admin__field-label">
+                <span><?= $block->escapeHtml($_store->getName()) ?></span>
+            </label>
             <div class="admin__field-control">
                 <input
                     class="admin__control-text<?php if ($_store->getId() == 0): ?> required-entry<?php endif; ?>"
                     type="text"
-                    name="title[<?= /* @escapeNotVerified */ $_store->getId() ?>]"
-                    value="<?= /* @escapeNotVerified */ $_labels[$_store->getId()] ?>" />
+                    name="title[<?= $block->escapeHtml($_store->getId()) ?>]"
+                    value="<?= $block->escapeHtml($_labels[$_store->getId()]) ?>" />
             </div>
         </div>
     <?php endforeach; ?>
 
     <div class="messages">
         <div class="message message-notice">
             <div>
-                <strong><?= /* @escapeNotVerified */ __('Note:') ?></strong>
-                <?= /* @escapeNotVerified */ __('Leave this field empty if you wish to use the tax identifier.') ?>
+                <strong><?= $block->escapeHtml(__('Note:')) ?></strong>
+                <?= $block->escapeHtml(__('Leave this field empty if you wish to use the tax identifier.')) ?>
             </div>
         </div>
     </div>
 
@@ -4,8 +4,6 @@
  * See COPYING.txt for license details.
  */
 
-// @codingStandardsIgnoreFile
-
 /** @var $block \Magento\Tax\Block\Adminhtml\Rule\Edit\Form */
 ?>
 <script>
@@ -78,7 +76,7 @@ require([
             $.ajax({
                 type: "POST",
                 data: {id:id},
-                url: '<?= /* @escapeNotVerified */ $block->getTaxRateLoadUrl() ?>',
+                url: '<?= $block->escapeUrl($block->getTaxRateLoadUrl()) ?>',
                 success: function(result, status) {
                     $('body').trigger('processStop');
                     if (result.success) {
@@ -95,14 +93,14 @@ require([
                             });
                         else
                             alert({
-                                content: '<?= /* @escapeNotVerified */ __('An error occurred') ?>'
+                                content: '<?= $block->escapeJs(__('An error occurred')) ?>'
                             });
                     }
                 },
                 error: function () {
                     $('body').trigger('processStop');
                     alert({
-                        content: '<?= /* @escapeNotVerified */ __('An error occurred') ?>'
+                        content: '<?= $block->escapeJs(__('An error occurred')) ?>'
                     });
                 },
                 dataType: "json"
@@ -113,7 +111,7 @@ require([
             var options = {
                 mselectContainer: '#tax_rate + section.mselect-list',
                 toggleAddButton:false,
-                addText: '<?= /* @escapeNotVerified */ __('Add New Tax Rate') ?>',
+                addText: '<?= $block->escapeJs(__('Add New Tax Rate')) ?>',
                 parse: null,
                 nextPageUrl: '<?php echo $block->escapeHtml($block->getTaxRatesPageUrl())?>',
                 selectedValues: this.settings.selected_values,
@@ -138,7 +136,7 @@ require([
             var taxRate = $('#tax_rate'),
                 taxRateField = taxRate.parent(),
                 taxRateForm = $('#tax-rate-form'),
-                taxRateFormElement = $('#<?= /* @escapeNotVerified */ \Magento\Tax\Block\Adminhtml\Rate\Form::FORM_ELEMENT_ID ?>');
+                taxRateFormElement = $('#<?= /* @noEscape */ \Magento\Tax\Block\Adminhtml\Rate\Form::FORM_ELEMENT_ID ?>');
 
             if (!this.isEntityEditable) {
                 // Override default layout of editable multiselect
@@ -162,7 +160,7 @@ require([
             taxRateField.find('.mselect-list')
                     .on('click.mselect-edit', '.mselect-edit', this.edit)
                     .on("click.mselect-delete", ".mselect-delete", function () {
-                        if (!confirm('<?= /* @escapeNotVerified */ __('Do you really want to delete this tax rate?') ?>')) {
+                        if (!confirm('<?= $block->escapeJs(__('Do you really want to delete this tax rate?')) ?>')) {
                             return;
                         }
 
@@ -178,7 +176,7 @@ require([
                                 form_key: $('input[name="form_key"]').val()
                             },
                             dataType: 'json',
-                            url: '<?= /* @escapeNotVerified */ $block->getTaxRateDeleteUrl() ?>',
+                            url: '<?= $block->escapeUrl($block->getTaxRateDeleteUrl()) ?>',
                             success: function(result, status) {
                                 $('body').trigger('processStop');
                                 if (result.success) {
@@ -196,14 +194,14 @@ require([
                                         });
                                     else
                                         alert({
-                                            content: '<?= /* @escapeNotVerified */ __('An error occurred') ?>'
+                                            content: '<?= $block->escapeJs(__('An error occurred')) ?>'
                                         });
                                 }
                             },
                             error: function () {
                                 $('body').trigger('processStop');
                                 alert({
-                                    content: '<?= /* @escapeNotVerified */ __('An error occurred') ?>'
+                                    content: '<?= $block->escapeJs(__('An error occurred')) ?>'
                                 });
                             }
                         };
@@ -224,15 +222,15 @@ require([
             taxRateFormElement.mage('form').mage('validation');
 
             taxRateForm.dialogRates({
-                title: '<?= /* @escapeNotVerified */ __('Tax Rate') ?>',
+                title: '<?= $block->escapeJs(__('Tax Rate')) ?>',
                 type: 'slide',
-                id: '<?= /* @escapeNotVerified */ $block->getJsId() ?>',
+                id: '<?= $block->escapeJs($block->getJsId()) ?>',
                 modalClass: 'tax-rate-popup',
                 closed: function () {
                     taxRateFormElement.data('validation').clearError();
                 },
                 buttons: [{
-                    text: '<?= /* @escapeNotVerified */ __('Save') ?>',
+                    text: '<?= $block->escapeJs(__('Save')) ?>',
                     'class': 'action-save action-primary',
                     click: function() {
                         this.updateItemRate();
@@ -252,7 +250,7 @@ require([
                             type: 'POST',
                             data: itemRateData,
                             dataType: 'json',
-                            url: '<?= /* @escapeNotVerified */ $block->getTaxRateSaveUrl() ?>',
+                            url: '<?= $block->escapeUrl($block->getTaxRateSaveUrl()) ?>',
                             success: function(result, status) {
                                 $('body').trigger('processStop');
                                 if (result.success) {
@@ -277,14 +275,14 @@ require([
                                         });
                                     else
                                         alert({
-                                            content: '<?= /* @escapeNotVerified */ __('An error occurred') ?>'
+                                            content: '<?= $block->escapeJs(__('An error occurred')) ?>'
                                         });
                                 }
                             },
                             error: function () {
                                 $('body').trigger('processStop');
                                 alert({
-                                    content: '<?= /* @escapeNotVerified */ __('An error occurred') ?>'
+                                    content: '<?= $block->escapeJs(__('An error occurred')) ?>'
                                 });
                             }
                         };