From 597fd2469efb85eb078a303d2409dc9c2c639aa0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Fri, 28 Jul 2023 16:29:55 +0300 Subject: [PATCH 01/11] Added non-critical CSS attributes when defer parameter pass on css element in default_head_blocks.xml. --- .../Framework/View/Page/Config/Renderer.php | 42 +++++++++++++++---- 1 file changed, 35 insertions(+), 7 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index 80f6fcbfc1b54..8d67a1824f912 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -344,31 +344,59 @@ protected function getGroupAttributes($group) * Add default attributes * * @param string $contentType - * @param string $attributes + * @param array|null $attributes * @return string */ protected function addDefaultAttributes($contentType, $attributes) { + $attributesString = ''; + $defaultAttributes = []; + if ($contentType === 'js') { - return ' type="text/javascript" ' . $attributes; + $defaultAttributes['type'] = 'text/javascript'; } if ($contentType === 'css') { - return ' rel="stylesheet" type="text/css" ' . ($attributes ?: ' media="all"'); + $defaultAttributes['rel'] = 'stylesheet'; + $defaultAttributes['type'] = 'text/css'; + + if (empty($attributes)) { + $attributes['media'] = 'all'; + } + + if (is_array($attributes) && array_key_exists('defer', $attributes)) { + $defaultAttributes['rel'] = 'preload'; + $defaultAttributes['as'] = 'style'; + $defaultAttributes['onload'] = 'this.onload=null;this.rel=\'stylesheet\''; + + unset($attributes['defer']); + } } if ($this->canTypeBeFont($contentType)) { - return 'rel="preload" as="font" crossorigin="anonymous"'; + $defaultAttributes['type'] = 'preload'; + $defaultAttributes['as'] = 'font'; + $defaultAttributes['crossorigin'] = 'anonymous'; } - return $attributes; + // merge current attributes with default attributes + if ($attributes) { + $defaultAttributes = array_merge($defaultAttributes, $attributes); + } + + // convert attributes to string + foreach ($defaultAttributes as $name => $value) { + $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; + } + + return $attributesString; } /** * Returns assets template * * @param string $contentType - * @param string|null $attributes + * @param array|null $attributes * @return string */ protected function getAssetTemplate($contentType, $attributes) @@ -411,7 +439,7 @@ protected function processIeCondition($groupHtml, $group) protected function renderAssetHtml(\Magento\Framework\View\Asset\PropertyGroup $group) { $assets = $this->processMerge($group->getAll(), $group); - $attributes = $this->getGroupAttributes($group); + $attributes = $group->getProperty('attributes'); $result = ''; $template = ''; From 7b65739755aba96a64101245eae49f6d3146e068 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Fri, 28 Jul 2023 17:56:58 +0300 Subject: [PATCH 02/11] Deferred css file added in noscript tag to work when javascript is disabled. --- .../Framework/View/Page/Config/Renderer.php | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index 8d67a1824f912..0f16d40288876 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -345,7 +345,7 @@ protected function getGroupAttributes($group) * * @param string $contentType * @param array|null $attributes - * @return string + * @return array */ protected function addDefaultAttributes($contentType, $attributes) { @@ -368,8 +368,6 @@ protected function addDefaultAttributes($contentType, $attributes) $defaultAttributes['rel'] = 'preload'; $defaultAttributes['as'] = 'style'; $defaultAttributes['onload'] = 'this.onload=null;this.rel=\'stylesheet\''; - - unset($attributes['defer']); } } @@ -381,15 +379,10 @@ protected function addDefaultAttributes($contentType, $attributes) // merge current attributes with default attributes if ($attributes) { - $defaultAttributes = array_merge($defaultAttributes, $attributes); - } - - // convert attributes to string - foreach ($defaultAttributes as $name => $value) { - $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; + return array_merge($defaultAttributes, $attributes); } - return $attributesString; + return $defaultAttributes; } /** @@ -401,14 +394,22 @@ protected function addDefaultAttributes($contentType, $attributes) */ protected function getAssetTemplate($contentType, $attributes) { + $attributesString = ''; + foreach ($attributes as $name => $value) { + $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; + } + switch ($contentType) { case 'js': - $groupTemplate = '' . "\n"; + $groupTemplate = '' . "\n"; break; case 'css': default: - $groupTemplate = '' . "\n"; + $groupTemplate = '' . "\n"; + if (array_key_exists('defer', $attributes)) { + $groupTemplate .= '' . "\n"; + } break; } return $groupTemplate; From c9a52f3bb9c38ef816c94bb486224d89bc37d4bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Sat, 29 Jul 2023 11:11:35 +0300 Subject: [PATCH 03/11] type=preload mistake fixed. --- lib/internal/Magento/Framework/View/Page/Config/Renderer.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index 0f16d40288876..ed6f655e82263 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -364,6 +364,7 @@ protected function addDefaultAttributes($contentType, $attributes) $attributes['media'] = 'all'; } + // add defer attributes when defer parameter is exist if (is_array($attributes) && array_key_exists('defer', $attributes)) { $defaultAttributes['rel'] = 'preload'; $defaultAttributes['as'] = 'style'; @@ -372,7 +373,7 @@ protected function addDefaultAttributes($contentType, $attributes) } if ($this->canTypeBeFont($contentType)) { - $defaultAttributes['type'] = 'preload'; + $defaultAttributes['rel'] = 'preload'; $defaultAttributes['as'] = 'font'; $defaultAttributes['crossorigin'] = 'anonymous'; } From 35a726055352f3c97f4017593c7ae8b69d3abf90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Fri, 4 Aug 2023 18:02:47 +0300 Subject: [PATCH 04/11] Updated RendererTest inputs. --- .../Framework/View/Page/Config/Renderer.php | 10 +++---- .../Test/Unit/Page/Config/RendererTest.php | 26 +++++++++---------- 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index ed6f655e82263..e3b863429162b 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -349,6 +349,9 @@ protected function getGroupAttributes($group) */ protected function addDefaultAttributes($contentType, $attributes) { + $attributes = is_array($attributes) + ? $attributes + : []; $attributesString = ''; $defaultAttributes = []; @@ -378,12 +381,7 @@ protected function addDefaultAttributes($contentType, $attributes) $defaultAttributes['crossorigin'] = 'anonymous'; } - // merge current attributes with default attributes - if ($attributes) { - return array_merge($defaultAttributes, $attributes); - } - - return $defaultAttributes; + return array_merge($defaultAttributes, $attributes); } /** diff --git a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php index d28358e177d07..a49e4bea7d782 100644 --- a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php +++ b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php @@ -426,24 +426,24 @@ public function dataProviderRenderAssets(): array return [ [ ['type' => 'css', 'attributes' => '', 'condition' => null], - ['type' => 'js', 'attributes' => 'attr="value"', 'condition' => null], - '' . "\n" - . '' . "\n" - . '' . "\n" + ['type' => 'js', 'attributes' => ['attr' => 'value'], 'condition' => null], + '' . "\n" + . '' . "\n" + . '' . "\n" ], [ ['type' => 'js', 'attributes' => ['attr' => 'value'], 'condition' => 'lt IE 7'], - ['type' => 'css', 'attributes' => 'attr="value"', 'condition' => null], - '' . "\n" + ['type' => 'css', 'attributes' => ['attr' => 'value'], 'condition' => null], + '' . "\n" . '' . "\n" ], [ - ['type' => 'ico', 'attributes' => 'attr="value"', 'condition' => null], + ['type' => 'ico', 'attributes' => ['attr' => 'value'], 'condition' => null], ['type' => 'css', 'attributes' => '', 'condition' => null], - '' . "\n" + '' . "\n" . '' . "\n" . '' . "\n" ], @@ -451,8 +451,8 @@ public function dataProviderRenderAssets(): array ['type' => 'js', 'attributes' => '', 'condition' => null], ['type' => 'ico', 'attributes' => ['attr' => 'value'], 'condition' => null], '' . "\n" - . '' . "\n" - . '' . "\n" + . '' . "\n" + . '' . "\n" ], [ ['type' => 'non', 'attributes' => ['attr' => 'value'], 'condition' => null], @@ -492,7 +492,7 @@ public function testRenderAssetWithNoContentType() : void [ [GroupedCollection::PROPERTY_CAN_MERGE, true], [GroupedCollection::PROPERTY_CONTENT_TYPE, $type], - ['attributes', 'rel="some-rel"'], + ['attributes', ['rel' => 'some-rel']], ['ie_condition', null] ] ); From ad4e4cf9ffba33c8a140734fa387e86562344365 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Fri, 4 Aug 2023 18:24:11 +0300 Subject: [PATCH 05/11] Fixed double space problem between tagname and attributes. --- .../Framework/View/Page/Config/Renderer.php | 9 +++-- .../Test/Unit/Page/Config/RendererTest.php | 38 +++++++++---------- 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index e3b863429162b..6479b36abfa4c 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -371,7 +371,7 @@ protected function addDefaultAttributes($contentType, $attributes) if (is_array($attributes) && array_key_exists('defer', $attributes)) { $defaultAttributes['rel'] = 'preload'; $defaultAttributes['as'] = 'style'; - $defaultAttributes['onload'] = 'this.onload=null;this.rel=\'stylesheet\''; + $defaultAttributes['onload'] = 'this.onload=null;this.rel=\'stylesheet\';'; } } @@ -400,14 +400,15 @@ protected function getAssetTemplate($contentType, $attributes) switch ($contentType) { case 'js': - $groupTemplate = '' . "\n"; + $groupTemplate = '' . "\n"; break; case 'css': default: - $groupTemplate = '' . "\n"; + $groupTemplate = '' . "\n"; + if (array_key_exists('defer', $attributes)) { - $groupTemplate .= '' . "\n"; + $groupTemplate .= '' . "\n"; } break; } diff --git a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php index a49e4bea7d782..976cf67f17def 100644 --- a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php +++ b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php @@ -425,41 +425,41 @@ public function dataProviderRenderAssets(): array { return [ [ - ['type' => 'css', 'attributes' => '', 'condition' => null], + ['type' => 'css', 'attributes' => [], 'condition' => null], ['type' => 'js', 'attributes' => ['attr' => 'value'], 'condition' => null], - '' . "\n" - . '' . "\n" - . '' . "\n" + '' . "\n" + . '' . "\n" + . '' . "\n" ], [ ['type' => 'js', 'attributes' => ['attr' => 'value'], 'condition' => 'lt IE 7'], ['type' => 'css', 'attributes' => ['attr' => 'value'], 'condition' => null], - '' . "\n" + '' . "\n" . '' . "\n" ], [ ['type' => 'ico', 'attributes' => ['attr' => 'value'], 'condition' => null], - ['type' => 'css', 'attributes' => '', 'condition' => null], - '' . "\n" - . '' . "\n" - . '' . "\n" + ['type' => 'css', 'attributes' => [], 'condition' => null], + '' . "\n" + . '' . "\n" + . '' . "\n" ], [ - ['type' => 'js', 'attributes' => '', 'condition' => null], + ['type' => 'js', 'attributes' => [], 'condition' => null], ['type' => 'ico', 'attributes' => ['attr' => 'value'], 'condition' => null], - '' . "\n" - . '' . "\n" - . '' . "\n" + '' . "\n" + . '' . "\n" + . '' . "\n" ], [ ['type' => 'non', 'attributes' => ['attr' => 'value'], 'condition' => null], - ['type' => 'ico', 'attributes' => '', 'condition' => null], + ['type' => 'ico', 'attributes' => [], 'condition' => null], '' . "\n" - . '' . "\n" - . '' . "\n" + . '' . "\n" + . '' . "\n" ] ]; } @@ -506,7 +506,7 @@ public function testRenderAssetWithNoContentType() : void ->willReturn([$groupMockOne]); $this->assertEquals( - '' . "\n", + '' . "\n", $this->renderer->renderAssets($this->renderer->getAvailableResultGroups()) ); } From 86ed4e633a33450d34f16e4f241b557cbb9c6895 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Fri, 4 Aug 2023 21:01:44 +0300 Subject: [PATCH 06/11] Unit test added for defer attribute. --- .../View/Test/Unit/Page/Config/RendererTest.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php index 976cf67f17def..f8226bc512356 100644 --- a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php +++ b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php @@ -431,6 +431,15 @@ public function dataProviderRenderAssets(): array . '' . "\n" . '' . "\n" ], + [ + ['type' => 'css', 'attributes' => ['defer' => "true"], 'condition' => null], + ['type' => 'js', 'attributes' => ['defer' => "true"], 'condition' => null], + '' . "\n" + . '' . "\n" + . '' . "\n" + . '' . "\n" + . '' . "\n" + ], [ ['type' => 'js', 'attributes' => ['attr' => 'value'], 'condition' => 'lt IE 7'], ['type' => 'css', 'attributes' => ['attr' => 'value'], 'condition' => null], From 6a868e1f60ca5873912209f94afc1fa15f581ead Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Mon, 7 Aug 2023 08:24:20 +0300 Subject: [PATCH 07/11] Unused local variable removed. --- lib/internal/Magento/Framework/View/Page/Config/Renderer.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index 6479b36abfa4c..0a9681b81fd43 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -352,7 +352,6 @@ protected function addDefaultAttributes($contentType, $attributes) $attributes = is_array($attributes) ? $attributes : []; - $attributesString = ''; $defaultAttributes = []; if ($contentType === 'js') { From 36917b9079c3bea4f431a4c5f2057d746d1bcc4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Mon, 7 Aug 2023 09:20:31 +0300 Subject: [PATCH 08/11] Removed unnecessary defer attribute from CSS output. --- .../Framework/View/Page/Config/Renderer.php | 4 ++++ .../Test/Unit/Page/Config/RendererTest.php | 24 +++++++++---------- 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index 0a9681b81fd43..2ed0b352fa055 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -394,6 +394,10 @@ protected function getAssetTemplate($contentType, $attributes) { $attributesString = ''; foreach ($attributes as $name => $value) { + + // don't add defer attribute to css output + if ($contentType === 'css' && $name === 'defer') continue; + $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; } diff --git a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php index f8226bc512356..406f119d26a2b 100644 --- a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php +++ b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php @@ -434,9 +434,9 @@ public function dataProviderRenderAssets(): array [ ['type' => 'css', 'attributes' => ['defer' => "true"], 'condition' => null], ['type' => 'js', 'attributes' => ['defer' => "true"], 'condition' => null], - '' . "\n" + '' . "\n" // phpcs:ignore . '' . "\n" - . '' . "\n" + . '' . "\n" // phpcs:ignore . '' . "\n" . '' . "\n" ], @@ -444,31 +444,31 @@ public function dataProviderRenderAssets(): array ['type' => 'js', 'attributes' => ['attr' => 'value'], 'condition' => 'lt IE 7'], ['type' => 'css', 'attributes' => ['attr' => 'value'], 'condition' => null], '' . "\n" - . '' . "\n" + . '' . "\n" ], [ ['type' => 'ico', 'attributes' => ['attr' => 'value'], 'condition' => null], ['type' => 'css', 'attributes' => [], 'condition' => null], '' . "\n" - . '' . "\n" - . '' . "\n" + . '' . "\n" + . '' . "\n" ], [ ['type' => 'js', 'attributes' => [], 'condition' => null], ['type' => 'ico', 'attributes' => ['attr' => 'value'], 'condition' => null], '' . "\n" - . '' . "\n" - . '' . "\n" + . '' . "\n" + . '' . "\n" ], [ ['type' => 'non', 'attributes' => ['attr' => 'value'], 'condition' => null], ['type' => 'ico', 'attributes' => [], 'condition' => null], '' . "\n" - . '' . "\n" - . '' . "\n" + . '' . "\n" + . '' . "\n" ] ]; } From f8d0db8e907e9ee4b76990aa430345a86c28f666 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Mon, 7 Aug 2023 09:58:16 +0300 Subject: [PATCH 09/11] Fixed: PHPCS Inline control structures. --- .../Magento/Framework/View/Page/Config/Renderer.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index 2ed0b352fa055..a1d99d865825e 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -367,7 +367,7 @@ protected function addDefaultAttributes($contentType, $attributes) } // add defer attributes when defer parameter is exist - if (is_array($attributes) && array_key_exists('defer', $attributes)) { + if (array_key_exists('defer', $attributes)) { $defaultAttributes['rel'] = 'preload'; $defaultAttributes['as'] = 'style'; $defaultAttributes['onload'] = 'this.onload=null;this.rel=\'stylesheet\';'; @@ -396,7 +396,9 @@ protected function getAssetTemplate($contentType, $attributes) foreach ($attributes as $name => $value) { // don't add defer attribute to css output - if ($contentType === 'css' && $name === 'defer') continue; + if ($contentType === 'css' && $name === 'defer') { + continue; + } $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; } From 33fa19245262e9c07a4f40b791fa97f95b9f5d45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Mon, 14 Aug 2023 23:20:44 +0300 Subject: [PATCH 10/11] escapeHtmlAttr function is used in the head element values for security reasons. --- .../Magento/Framework/View/Page/Config/Renderer.php | 2 +- .../Framework/View/Test/Unit/Page/Config/RendererTest.php | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index a1d99d865825e..c0375aba9d7e2 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -400,7 +400,7 @@ protected function getAssetTemplate($contentType, $attributes) continue; } - $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; + $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtmlAttr($value) . '"'; } switch ($contentType) { diff --git a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php index 406f119d26a2b..3e1cf2f63bf2f 100644 --- a/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php +++ b/lib/internal/Magento/Framework/View/Test/Unit/Page/Config/RendererTest.php @@ -112,7 +112,7 @@ protected function setUp(): void ->disableOriginalConstructor() ->getMock(); $this->escaperMock->expects($this->any()) - ->method('escapeHtml') + ->method('escapeHtmlAttr') ->willReturnArgument(0); $this->stringMock = $this->getMockBuilder(StringUtils::class) @@ -434,9 +434,9 @@ public function dataProviderRenderAssets(): array [ ['type' => 'css', 'attributes' => ['defer' => "true"], 'condition' => null], ['type' => 'js', 'attributes' => ['defer' => "true"], 'condition' => null], - '' . "\n" // phpcs:ignore + '' . "\n" //phpcs:ignore . '' . "\n" - . '' . "\n" // phpcs:ignore + . '' . "\n" //phpcs:ignore . '' . "\n" . '' . "\n" ], From 90c50ef7ff8470a031f8808519588451a8789eba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nurullah=20Sevin=C3=A7tekin?= Date: Thu, 24 Aug 2023 11:04:40 +0300 Subject: [PATCH 11/11] escapeHtmlAttr is used in getGroupAttributes value. --- lib/internal/Magento/Framework/View/Page/Config/Renderer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php index c0375aba9d7e2..ecc3696a6767c 100644 --- a/lib/internal/Magento/Framework/View/Page/Config/Renderer.php +++ b/lib/internal/Magento/Framework/View/Page/Config/Renderer.php @@ -330,7 +330,7 @@ protected function getGroupAttributes($group) if (is_array($attributes)) { $attributesString = ''; foreach ($attributes as $name => $value) { - $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtml($value) . '"'; + $attributesString .= ' ' . $name . '="' . $this->escaper->escapeHtmlAttr($value) . '"'; } $attributes = $attributesString; } else {