MAGETWO-99387: Prohibit usage of native htmlspecialchars()

davemacaulay · davemacaulay · commit ea17f9ad1c6e · 2019-04-29T14:42:40.000+02:00
diff --git a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php
@@ -218,5 +218,6 @@ class DiscouragedFunctionSniff extends ForbiddenFunctionsSniff
         '^is_null$' => 'strict comparison "=== null"',
         '^intval$' => '(int) construction',
         '^strval$' => '(string) construction',
+        '^htmlspecialchars$' => '\Magento\Framework\Escaper->escapeHtml',
     ];
 }
diff --git a/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc b/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc
@@ -462,3 +462,5 @@ $int = intval($int);
 $str = chop($text, 'ttt');
 
 md5($text);
+
+htmlspecialchars('text');
diff --git a/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php b/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php
@@ -249,6 +249,7 @@ public function getWarningList()
             458 => 1,
             460 => 1,
             462 => 1,
+            466 => 1
         ];
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -218,5 +218,6 @@ class DiscouragedFunctionSniff extends ForbiddenFunctionsSniff`
`218`	`218`	`'^is_null$' => 'strict comparison "=== null"',`
`219`	`219`	`'^intval$' => '(int) construction',`
`220`	`220`	`'^strval$' => '(string) construction',`
	`221`	`+ '^htmlspecialchars$' => '\Magento\Framework\Escaper->escapeHtml',`
`221`	`222`	`];`
`222`	`223`	`}`
Original file line number	Diff line number	Diff line change
`@@ -249,6 +249,7 @@ public function getWarningList()`
`249`	`249`	`458 => 1,`
`250`	`250`	`460 => 1,`
`251`	`251`	`462 => 1,`
	`252`	`+ 466 => 1`
`252`	`253`	`];`
`253`	`254`	`}`
`254`	`255`	`}`