Merge remote-tracking branch 'mainline/develop' into MAGETWO-43435-phrase-concatenation

Author: Dale Sikkema

app/code/Magento/Authorizenet/view/adminhtml/templates/directpost/info.phtml

@@ -5,7 +5,6 @@
  */
 
 // @codingStandardsIgnoreFile
-
 /**
  * @var \Magento\Authorizenet\Block\Transparent\Iframe $block
  * @see \Magento\Authorizenet\Block\Transparent\Iframe
@@ -24,10 +23,12 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
         src="<?php /* @noEscape */ echo $block->getViewFileUrl('blank.html'); ?>">
 </iframe>
 <!-- IFRAME for request to Authorize.net -->
-<iframe id="directpost-iframe" allowtransparency="true" frameborder="0"  name="iframeDirectPost" style="display:none;width:100%;background-color:transparent"
+<iframe id="directpost-iframe" allowtransparency="true" frameborder="0"  name="iframeDirectPost"
+        style="display:none;width:100%;background-color:transparent"
         src="<?php /* @noEscape */ echo $block->getViewFileUrl('blank.html'); ?>">
 </iframe>
-<fieldset class="admin__fieldset payment-method" id="payment_form_<?php /* @noEscape */ echo $code; ?>" style="display:none;">
+<fieldset class="admin__fieldset payment-method" id="payment_form_<?php /* @noEscape */ echo $code; ?>"
+          style="display:none;">
     <div class="admin__field _required">
         <label for="<?php /* @noEscape */ echo $code; ?>_cc_type" class="admin__field-label">
             <span><?php echo $block->escapeHtml(__('Credit Card Type')); ?></span>
@@ -81,11 +82,11 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
                             <?php if ($k == $ccExpYear): ?>selected="selected"<?php endif; ?>>
                         <?php echo $block->escapeHtml($v); ?>
                     </option>
-                <?php endforeach ?>
+                <?php endforeach; ?>
             </select>
         </div>
     </div>
-    <?php if ($_form->hasVerification()): ?>
+    <?php if ($block->hasVerification()): ?>
     <div class="admin__field _required">
         <label for="<?php /* @noEscape */ echo $code; ?>_cc_cid">
             <span><?php echo $block->escapeHtml(__('Card Verification Number')); ?></span>
@@ -123,7 +124,9 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
             '<?php /* @noEscape */ echo $controller; ?>',
             '<?php /* @noEscape */ echo $orderUrl; ?>',
             '<?php echo $block->escapeUrl($method->getCgiUrl()); ?>',
-            '<?php /* @noEscape */ echo $block->getUrl('*/*/save', ['_secure' => $block->getRequest()->isSecure()]) ?>');
+            '<?php /* @noEscape */ echo $block->getUrl('*/*/save', [
+                '_secure' => $block->getRequest()->isSecure()
+            ]);?>');
 
         <?php if (!$block->isAjaxRequest()): ?>
             });

app/code/Magento/Authorizenet/view/frontend/web/js/view/payment/method-renderer/authorizenet-directpost.js

@@ -50,9 +50,8 @@ define(
             placeOrder: function () {
                 var self = this;
 
-                fullScreenLoader.startLoader();
-
                 if (this.validateHandler() && additionalValidators.validate()) {
+                    fullScreenLoader.startLoader();
                     this.isPlaceOrderActionAllowed(false);
                     $.when(setPaymentInformationAction(this.messageContainer, {
                         'method': self.getCode()

app/code/Magento/Backend/view/adminhtml/templates/widget/grid/extended.phtml

@@ -255,6 +255,12 @@ $numColumns = sizeof($block->getColumns());
 
     deps.push('mage/adminhtml/grid');
 
+    <?php if (is_array($block->getRequireJsDependencies())): ?>
+        <?php foreach ($block->getRequireJsDependencies() as $dependency): ?>
+            deps.push('<?php /* @escapeNotVerified */ echo $dependency; ?>');
+        <?php endforeach; ?>
+    <?php endif; ?>
+
     require(deps, function(<?php echo ($block->getDependencyJsObject() ? 'registry' : '') ?>){
         <?php //TODO: getJsObjectName and getRowClickCallback has unexpected behavior. Should be removed ?>
 

app/code/Magento/Braintree/etc/frontend/di.xml

@@ -21,4 +21,11 @@
             </argument>
         </arguments>
     </type>
+    <type name="Magento\Framework\Url\SecurityInfo">
+        <arguments>
+            <argument name="secureUrlList" xsi:type="array">
+                <item name="braintree" xsi:type="string">/braintree/</item>
+            </argument>
+        </arguments>
+    </type>
 </config>

app/code/Magento/Braintree/view/adminhtml/templates/data_js.phtml

@@ -7,21 +7,20 @@
 /**
  * @var $block \Magento\Braintree\Block\Datajs
  */
-?>
-<?php
+
 $arrayData = [
     "kountId" => $this->helper('Magento\Braintree\Helper\Data')->getKountId() ?
         $this->helper('Magento\Braintree\Helper\Data')->getKountId() : false,
     "formId" =>$block->getFormId(),
     "merchantId" => $block->getMerchantId(),
-    "braintreeDataJs" => $block->getJsSrc(),
+    "braintreeDataJs" => $block->escapeUrl($block->getJsSrc()),
 ];
 $serializedFormData = $this->helper('Magento\Framework\Json\Helper\Data')->jsonEncode($arrayData);
 ?>
 <script type="text/x-magento-init">
     {
         "body": {
-             "braintreeDataJs": <?php /* @escapeNotVerified */ echo $serializedFormData ?>
+             "braintreeDataJs": <?php /* @noEscape */ echo $serializedFormData ?>
         }
     }
 </script>

app/code/Magento/Braintree/view/adminhtml/templates/form.phtml

@@ -7,110 +7,143 @@
 // @codingStandardsIgnoreFile
 
 /** @var \Magento\Braintree\Block\Form $block */
-$_form = $block;
-$_code = $_form->getMethodCode();
-$_storedCards = $this->helper('\Magento\Braintree\Helper\Createorder')->getLoggedInCustomerCards();
-$_useVault = $block->useVault();
-$_useCvv = $block->useCvv();
-$clientToken = $block->getClientToken();
+$code = $block->getMethodCode();
+$storedCards = $this->helper('\Magento\Braintree\Helper\Createorder')->getLoggedInCustomerCards();
+$useVault = $block->useVault();
+$useCvv = $block->useCvv();
+$clientToken = $block->escapeHtml($block->getClientToken());
 $isFraudDetectionEnabled = $block->isFraudDetectionEnabled();
 $braintreeDataJs = $block->getBraintreeDataJs();
 $formData = [
-    "useVault" => $_useVault,
-    "useCvv"  => $_useCvv,
+    "useVault" => $useVault,
+    "useCvv"  => $useCvv,
     "clientToken" => $clientToken,
-    "code" => $_code,
+    "code" => $code,
     "isFraudDetectionEnabled" => $isFraudDetectionEnabled,
     "braintreeDataJs"=> $braintreeDataJs,
 ];
 $serializedFormData = $this->helper('Magento\Framework\Json\Helper\Data')->jsonEncode($formData);
+$ccType = $block->getInfoData('cc_type');
+$ccExpMonth = $block->getInfoData('cc_exp_month');
+$ccExpYear = $block->getInfoData('cc_exp_year');
 ?>
-<input id="<?php /* @escapeNotVerified */ echo $_code ?>_payment_method" type="hidden" name="payment[method]" value="<?php /* @escapeNotVerified */ echo $_code ?>" />
-<div id="payment_form_<?php /* @escapeNotVerified */ echo $_code ?>" class="admin__page-section-item" style="display:none;"
-    data-mage-init='{"braintreeCcForm":<?php /* @escapeNotVerified */ echo $serializedFormData ?>}'
+<input id="<?php /* @noEscape */ echo $code; ?>_payment_method" type="hidden" name="payment[method]"
+       value="<?php /* @noEscape */ echo $code; ?>" />
+<div id="payment_form_<?php /* @noEscape */ echo $code; ?>" class="admin__page-section-item" style="display:none;"
+    data-mage-init='{"braintreeCcForm":<?php /* @noEscape */ echo $serializedFormData; ?>}'
     >
     <input type="hidden" name="payment[payment_method_nonce]" id="braintree_nonce" value="" />
     <input type="hidden" name="payment[cc_last4]" id="cc_last4" value="" />
     <?php if ($isFraudDetectionEnabled): ?>
-    <input type="hidden" name="payment[device_data]" id="braintree_device_id" value="" />
+        <input type="hidden" name="payment[device_data]" id="braintree_device_id" value="" />
     <?php endif; ?>
-    <?php if ($_storedCards): ?>
-    <fieldset class="admin__fieldset">
-        <div class="admin__field" id="<?php /* @escapeNotVerified */ echo $_code ?>_token_selector">
-            <label class="admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_token"><?php /* @escapeNotVerified */ echo __('Payment Information') ?></label>
-            <div class="admin__field-control control">
-                <select id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_token" name="payment[cc_token]" class="select admin__control-select">
-                    <?php foreach ($_storedCards as $creditCard): ?>
-                        <option value="<?php /* @escapeNotVerified */ echo $creditCard->token?>" <?php echo $creditCard->default ? 'selected="selected"' : '' ?>>
-                            <?php /* @escapeNotVerified */ echo $creditCard->maskedNumber  . ' - ' . $creditCard->cardType ?>
-                        </option>
-                    <?php endforeach; ?>
-                        <option value=''><?php /* @escapeNotVerified */ echo __('Add new card') ?></option>
-                </select>
+    <?php if ($storedCards): ?>
+        <fieldset class="admin__fieldset">
+            <div class="admin__field" id="<?php /* @noEscape */ echo $code; ?>_token_selector">
+                <label class="admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_token">
+                    <?php echo $block->escapeHtml(__('Payment Information')); ?>
+                </label>
+                <div class="admin__field-control control">
+                    <select id="<?php /* @noEscape */ echo $code; ?>_cc_token" name="payment[cc_token]"
+                            class="select admin__control-select">
+                        <?php foreach ($storedCards as $creditCard): ?>
+                            <option value="<?php echo $block->escapeHtml($creditCard->token); ?>"
+                                <?php /* @noEscape */ echo $creditCard->default ? ' selected="selected"' : ''; ?>>
+                                <?php echo $block->escapeHtml($creditCard->maskedNumber); ?> - <?php echo $block->escapeHtml($creditCard->cardType); ?>
+                            </option>
+                        <?php endforeach; ?>
+                        <option value=''><?php echo $block->escapeHtml(__('Add new card')); ?></option>
+                    </select>
+                </div>
             </div>
-        </div>
-    </fieldset>
+        </fieldset>
     <?php endif; ?>
     <fieldset class="admin__fieldset hide_if_token_selected">
     <div class="admin__field">
-        <label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type" ><?php /* @escapeNotVerified */ echo __('Credit Card Type') ?><span class="required">*</span></label>
+        <label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_type" >
+            <?php echo $block->escapeHtml(__('Credit Card Type')); ?><span class="required">*</span>
+        </label>
         <div class="admin__field-control control">
-            <select id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type" name="payment[cc_type]" class="required-entry _required select admin__control-select validate-cc-type-select">
-                <option value="">--<?php /* @escapeNotVerified */ echo __('Please Select')?>--</option>
-            <?php $_ccType = $_form->getInfoData('cc_type') ?>
-            <?php foreach ($_form->getCcAvailableTypes() as $_typeCode => $_typeName): ?>
-                <option value="<?php /* @escapeNotVerified */ echo $_typeCode ?>"<?php if($_typeCode==$_ccType): ?> selected="selected"<?php endif ?>><?php /* @escapeNotVerified */ echo $_typeName ?></option>
-            <?php endforeach ?>
+            <select id="<?php /* @noEscape */ echo $code; ?>_cc_type" name="payment[cc_type]"
+                    class="required-entry _required select admin__control-select validate-cc-type-select">
+                <option value="">--<?php echo $block->escapeHtml(__('Please Select')); ?>--</option>
+            <?php foreach ($block->getCcAvailableTypes() as $typeCode => $typeName): ?>
+                <option value="<?php echo $block->escapeHtml($typeCode); ?>"
+                    <?php if($typeCode == $ccType): ?> selected="selected"<?php endif; ?>>
+                    <?php echo $block->escapeHtml($typeName); ?>
+                </option>
+            <?php endforeach; ?>
             </select>
         </div>
     </div>
     </fieldset>
     <fieldset class="admin__fieldset hide_if_token_selected">
     <div class="admin__field">
-        <label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_number"><?php /* @escapeNotVerified */ echo __('Credit Card Number') ?><span class="required">*</span></label>
+        <label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_number">
+            <?php echo $block->escapeHtml(__('Credit Card Number')); ?><span class="required">*</span>
+        </label>
         <div class="admin__field-control control">
-            <input type="text" id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_number" data-encrypted-name="payment[cc_number]"  title="<?php /* @escapeNotVerified */ echo __('Credit Card Number') ?>" class="input-text admin__control-text validate-cc-number validate-cc-type" value="" />
+            <input type="text" id="<?php /* @noEscape */ echo $code; ?>_cc_number" data-encrypted-name="payment[cc_number]"
+                   title="<?php echo $block->escapeHtml(__('Credit Card Number')); ?>"
+                   class="input-text admin__control-text validate-cc-number validate-cc-type" value="" />
         </div>
     </div>
     </fieldset>
     <fieldset class="admin__fieldset hide_if_token_selected">
-    <div id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type_exp_div" class="admin__field">
-        <label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_expiration" ><?php /* @escapeNotVerified */ echo __('Expiration Date') ?><span class="required">*</span></label>
+    <div id="<?php /* @noEscape */ echo $code; ?>_cc_type_exp_div" class="admin__field">
+        <label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_expiration">
+            <?php echo $block->escapeHtml(__('Expiration Date')); ?><span class="required">*</span>
+        </label>
         <div class="admin__field-control control">
-            <select id="<?php /* @escapeNotVerified */ echo $_code ?>_expiration" name="payment[cc_exp_month]" class="month validate-cc-exp required-entry _required select admin__control-select">
-            <?php $_ccExpMonth = $_form->getInfoData('cc_exp_month') ?>
-            <?php foreach ($_form->getCcMonths() as $k=>$v): ?>
-                <option value="<?php echo $k?$k:'' ?>"<?php if($k==$_ccExpMonth): ?> selected="selected"<?php endif ?>><?php /* @escapeNotVerified */ echo $v ?></option>
-            <?php endforeach ?>
+            <select id="<?php /* @noEscape */ echo $code; ?>_expiration" name="payment[cc_exp_month]"
+                    class="month validate-cc-exp required-entry _required select admin__control-select">
+                <?php foreach ($block->getCcMonths() as $k=>$v): ?>
+                    <option value="<?php /* @noEscape */ echo $k ? $block->escapeHtml($k) : ''; ?>"
+                        <?php if ($k == $ccExpMonth): ?> selected="selected"<?php endif; ?>>
+                        <?php echo $block->escapeHtml($v); ?></option>
+                <?php endforeach; ?>
             </select>
-            <?php $_ccExpYear = $_form->getInfoData('cc_exp_year') ?>
-            <select id="<?php /* @escapeNotVerified */ echo $_code ?>_expiration_yr" name="payment[cc_exp_year]" class="year required-entry _required select admin__control-select">
-            <?php foreach ($_form->getCcYears() as $k=>$v): ?>
-                <option value="<?php echo $k?$k:'' ?>"<?php if($k==$_ccExpYear): ?> selected="selected"<?php endif ?>><?php /* @escapeNotVerified */ echo $v ?></option>
+            <select id="<?php /* @noEscape */ echo $code; ?>_expiration_yr" name="payment[cc_exp_year]"
+                    class="year required-entry _required select admin__control-select">
+            <?php foreach ($block->getCcYears() as $k => $v): ?>
+                <option value="<?php /* @noEscape */ echo $k ? $block->escapeHtml($k) : ''; ?>"
+                    <?php if ($k == $ccExpYear): ?> selected="selected"<?php endif; ?>>
+                    <?php echo $block->escapeHtml($v); ?>
+                </option>
             <?php endforeach ?>
             </select>
         </div>
     </div>
     </fieldset>
-    <?php echo $_form->getChildHtml() ?>
-    <?php if($_form->hasVerification()): ?>
-    <fieldset class="admin__fieldset hide_if_token_selected">
-        <div id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type_cvv_div" class="admin__field">
-            <label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_cid" ><?php /* @escapeNotVerified */ echo __('Card Verification Number') ?><span class="required">*</span></label>
-            <div class="admin__field-control control">
-                <div class="v-fix">
-                    <input type="text" title="<?php /* @escapeNotVerified */ echo __('Card Verification Number') ?>" class="input-text admin__control-text cvv required-entry validate-cc-cvn" id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_cid" data-encrypted-name="payment[cc_cid]" value="" />
+    <?php echo $block->getChildHtml(); ?>
+    <?php if ($block->hasVerification()): ?>
+        <fieldset class="admin__fieldset hide_if_token_selected">
+            <div id="<?php /* @noEscape */ echo $code; ?>_cc_type_cvv_div" class="admin__field">
+                <label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_cid">
+                    <?php echo $block->escapeHtml(__('Card Verification Number')); ?><span class="required">*</span>
+                </label>
+
+                <div class="admin__field-control control">
+                    <div class="v-fix">
+                        <input type="text" title="<?php echo $block->escapeHtml(__('Card Verification Number')); ?>"
+                               class="input-text admin__control-text cvv required-entry validate-cc-cvn"
+                               id="<?php /* @noEscape */ echo $code; ?>_cc_cid" data-encrypted-name="payment[cc_cid]" value=""/>
+                    </div>
                 </div>
             </div>
-        </div>
-    </fieldset>
+        </fieldset>
     <?php endif; ?>
     <?php if($_useVault): ?>
-    <fieldset class="admin__fieldset hide_if_token_selected">
-        <div id="<?php /* @escapeNotVerified */ echo $_code ?>_store_in_vault_div" style="text-align:left;" class="">
-            <input type="checkbox" title="<?php /* @escapeNotVerified */ echo __('Save this card for future use') ?>" class="input-checkbox" id="<?php /* @escapeNotVerified */ echo $_code ?>_store_in_vault" name="payment[store_in_vault]" value="1" />
-            <label for="<?php /* @escapeNotVerified */ echo $_code ?>_store_in_vault" style="float:none;"><?php /* @escapeNotVerified */ echo __('Save this card for future use') ?></label>
-        </div>
-    </fieldset>
+        <fieldset class="admin__fieldset hide_if_token_selected">
+            <div id="<?php /* @noEscape */ echo $code; ?>_store_in_vault_div" style="text-align:left;" class="">
+                <input type="checkbox" title="<?php echo $block->escapeHtml(__('Save this card for future use')); ?>"
+                       class="input-checkbox" id="<?php /* @noEscape */ echo $code; ?>_store_in_vault"
+                       name="payment[store_in_vault]" value="1"/>
+                <label for="<?php /* @noEscape */ echo $code; ?>_store_in_vault" style="float:none;">
+                    <?php echo $block->escapeHtml(__('Save this card for future use')); ?>
+
+                </label>
+            </div>
+        </fieldset>
     <?php endif; ?>
 </div>