MC-23553: Invalid Template Strings when Translate Inline enabled

mastiuhin-olexandr · mastiuhin-olexandr · commit bdf7a1e8773a · 2021-02-15T11:43:24.000+02:00
diff --git a/lib/internal/Magento/Framework/Escaper.php b/lib/internal/Magento/Framework/Escaper.php
@@ -495,22 +495,27 @@ private function getTranslateInline()
     private function inlineSensitiveEscapeHthmlAttr(string $text): string
     {
         $escaper = $this->getEscaper();
+        $textLength = strlen($text);
+
+        if ($textLength < 6) {
+            return $escaper->escapeHtmlAttr($text);
+        }
+
         $firstCharacters = substr($text, 0, 3);
         $lastCharacters = substr($text, -3, 3);
 
-        if ($firstCharacters === '{{{' && $lastCharacters === '}}}') {
-            $textLength = strlen($text);
-            $text = substr($text, 3, $textLength - 6);
-            $strings = explode('}}{{', $text);
-            $escapedStrings = [];
+        if ($firstCharacters !== '{{{' || $lastCharacters !== '}}}') {
+            return $escaper->escapeHtmlAttr($text);
+        }
 
-            foreach ($strings as $string) {
-                $escapedStrings[] = $escaper->escapeHtmlAttr($string);
-            }
+        $text = substr($text, 3, $textLength - 6);
+        $strings = explode('}}{{', $text);
+        $escapedStrings = [];
 
-            return '{{{' . implode('}}{{', $escapedStrings) . '}}}';
+        foreach ($strings as $string) {
+            $escapedStrings[] = $escaper->escapeHtmlAttr($string);
         }
 
-        return $escaper->escapeHtmlAttr($text);
+        return '{{{' . implode('}}{{', $escapedStrings) . '}}}';
     }
 }
diff --git a/lib/internal/Magento/Framework/Test/Unit/EscaperTest.php b/lib/internal/Magento/Framework/Test/Unit/EscaperTest.php
@@ -181,9 +181,9 @@ public function testEscapeHtml($data, $expected, $allowedTags = [])
      * @param string $input
      * @param string $output
      * @return void
-     * @dataProvider escapeHtmlAttrWithInlineProvider
+     * @dataProvider escapeHtmlAttributeWithInlineTranslateEnabledDataProvider
      */
-    public function testEscapeHtmlAttrWithInline(string $input, string $output): void
+    public function testEscapeHtmlAttributeWithInlineTranslateEnabled(string $input, string $output): void
     {
         $this->objectManagerHelper->setBackwardCompatibleProperty(
             $this->translateInline,
@@ -209,7 +209,7 @@ public function testEscapeHtmlAttrWithInline(string $input, string $output): voi
      *
      * @return array
      */
-    public function escapeHtmlAttrWithInlineProvider(): array
+    public function escapeHtmlAttributeWithInlineTranslateEnabledDataProvider(): array
     {
         return [
             [

Original file line number	Diff line number	Diff line change
`@@ -181,9 +181,9 @@ public function testEscapeHtml($data, $expected, $allowedTags = [])`
`181`	`181`	`* @param string $input`
`182`	`182`	`* @param string $output`
`183`	`183`	`* @return void`
`184`		`- * @dataProvider escapeHtmlAttrWithInlineProvider`
	`184`	`+ * @dataProvider escapeHtmlAttributeWithInlineTranslateEnabledDataProvider`
`185`	`185`	`*/`
`186`		`- public function testEscapeHtmlAttrWithInline(string $input, string $output): void`
	`186`	`+ public function testEscapeHtmlAttributeWithInlineTranslateEnabled(string $input, string $output): void`
`187`	`187`	`{`
`188`	`188`	`$this->objectManagerHelper->setBackwardCompatibleProperty(`
`189`	`189`	`$this->translateInline,`
`@@ -209,7 +209,7 @@ public function testEscapeHtmlAttrWithInline(string $input, string $output): voi`
`209`	`209`	`*`
`210`	`210`	`* @return array`
`211`	`211`	`*/`
`212`		`- public function escapeHtmlAttrWithInlineProvider(): array`
	`212`	`+ public function escapeHtmlAttributeWithInlineTranslateEnabledDataProvider(): array`
`213`	`213`	`{`
`214`	`214`	`return [`
`215`	`215`	`[`