Merge pull request #4375 from magento-qwerty/MAGETWO-56445

dvoskoboinikov · web-flow · commit bef5f5353f20 · 2019-06-19T12:55:08.000-05:00
Implemented Stories:
- MAGETWO-56445: Eliminate @escapeNotVerified in Google-related Modules
diff --git a/app/code/Magento/GoogleAdwords/view/frontend/templates/code.phtml b/app/code/Magento/GoogleAdwords/view/frontend/templates/code.phtml
@@ -3,31 +3,29 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
 ?>
 <?php
 /** @var $block \Magento\GoogleAdwords\Block\Code */
 ?>
 <!-- Google Code for Sale Conversion Page -->
 <script>
     /* <![CDATA[ */
-    var google_conversion_id = <?= /* @escapeNotVerified */ $block->getHelper()->getConversionId() ?>;
-    var google_conversion_language = "<?= /* @escapeNotVerified */ $block->getHelper()->getConversionLanguage() ?>";
-    var google_conversion_format = "<?= /* @escapeNotVerified */ $block->getHelper()->getConversionFormat() ?>";
-    var google_conversion_color = "<?= /* @escapeNotVerified */ $block->getHelper()->getConversionColor() ?>";
-    var google_conversion_label = "<?= /* @escapeNotVerified */ $block->getHelper()->getConversionLabel() ?>";
-    var google_conversion_value = <?= /* @escapeNotVerified */ $block->getHelper()->getConversionValue() ?>;
-    <?php if($block->getHelper()->hasSendConversionValueCurrency() && $block->getHelper()->getConversionValueCurrency()): ?>
-    var google_conversion_currency = "<?= /* @escapeNotVerified */ $block->getHelper()->getConversionValueCurrency() ?>";
+    var google_conversion_id = <?= $block->escapeJs($block->getHelper()->getConversionId()) ?>;
+    var google_conversion_language = "<?= $block->escapeJs($block->getHelper()->getConversionLanguage()) ?>";
+    var google_conversion_format = "<?= $block->escapeJs($block->getHelper()->getConversionFormat()) ?>";
+    var google_conversion_color = "<?= $block->escapeJs($block->getHelper()->getConversionColor()) ?>";
+    var google_conversion_label = "<?= $block->escapeJs($block->getHelper()->getConversionLabel()) ?>";
+    var google_conversion_value = <?= $block->escapeJs($block->getHelper()->getConversionValue()) ?>;
+    <?php if ($block->getHelper()->hasSendConversionValueCurrency() && $block->getHelper()->getConversionValueCurrency()) : ?>
+    var google_conversion_currency = "<?= $block->escapeJs($block->getHelper()->getConversionValueCurrency()) ?>";
     <?php endif; ?>
     /* ]]> */
 </script>
-<script src="<?= /* @escapeNotVerified */ $block->getHelper()->getConversionJsSrc() ?>"></script>
+<script src="<?= $block->escapeHtmlAttr($block->getHelper()->getConversionJsSrc()) ?>"></script>
 <noscript>
     <div style="display:inline;">
         <img height="1" width="1" style="border-style:none;" alt=""
-             src="<?= /* @escapeNotVerified */ $block->getHelper()->getConversionImgSrc() ?>"/>
+             src="<?= $block->escapeHtmlAttr($block->getHelper()->getConversionImgSrc()) ?>"/>
     </div>
 </noscript>
 <!-- END Google Code for Sale Conversion Page -->
diff --git a/app/code/Magento/GoogleAnalytics/view/frontend/templates/ga.phtml b/app/code/Magento/GoogleAnalytics/view/frontend/templates/ga.phtml
@@ -3,9 +3,6 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-
-// @codingStandardsIgnoreFile
-
 ?>
 <?php /** @var $block \Magento\GoogleAnalytics\Block\Ga */ ?>
 <?php $accountId = $block->getConfig(\Magento\GoogleAnalytics\Helper\Data::XML_PATH_ACCOUNT) ?>
@@ -16,9 +13,9 @@
         "Magento_GoogleAnalytics/js/google-analytics": {
             "isCookieRestrictionModeEnabled": <?= (int)$block->isCookieRestrictionModeEnabled() ?>,
             "currentWebsite": <?= (int)$block->getCurrentWebsiteId() ?>,
-            "cookieName": "<?= /* @escapeNotVerified */ \Magento\Cookie\Helper\Cookie::IS_USER_ALLOWED_SAVE_COOKIE ?>",
-            "ordersTrackingData": <?= /* @escapeNotVerified */ json_encode($block->getOrdersTrackingData()) ?>,
-            "pageTrackingData": <?= /* @escapeNotVerified */ json_encode($block->getPageTrackingData($accountId)) ?>
+            "cookieName": "<?= /* @noEscape */ \Magento\Cookie\Helper\Cookie::IS_USER_ALLOWED_SAVE_COOKIE ?>",
+            "ordersTrackingData": <?= /* @noEscape */ json_encode($block->getOrdersTrackingData()) ?>,
+            "pageTrackingData": <?= /* @noEscape */ json_encode($block->getPageTrackingData($accountId)) ?>
         }
     }
 }
