Skip to content

Commit 463c460

Browse files
author
Timon de Groot
committed
Add escaping to alt tags
1 parent 56fde6c commit 463c460

File tree

2 files changed

+12
-12
lines changed

2 files changed

+12
-12
lines changed

app/code/Magento/Catalog/view/frontend/templates/product/image.phtml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -10,9 +10,9 @@
1010
?>
1111

1212
<img class="photo image <?= $escaper->escapeHtmlAttr($block->getClass()) ?>"
13-
<?= $escaper->escapeHtml($block->getCustomAttributes()) ?>
14-
src="<?= $escaper->escapeUrl($block->getImageUrl()) ?>"
15-
loading="lazy"
16-
width="<?= $escaper->escapeHtmlAttr($block->getWidth()) ?>"
17-
height="<?= $escaper->escapeHtmlAttr($block->getHeight()) ?>"
18-
alt="<?= /* @noEscape */ $block->stripTags($block->getLabel(), null, true) ?>" />
13+
<?= $escaper->escapeHtml($block->getCustomAttributes()) ?>
14+
src="<?= $escaper->escapeUrl($block->getImageUrl()) ?>"
15+
loading="lazy"
16+
width="<?= $escaper->escapeHtmlAttr($block->getWidth()) ?>"
17+
height="<?= $escaper->escapeHtmlAttr($block->getHeight()) ?>"
18+
alt="<?= $escaper->escapeHtmlAttr($block->getLabel()) ?>" />

app/code/Magento/Catalog/view/frontend/templates/product/image_with_borders.phtml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,10 @@
1414
<span class="product-image-wrapper"
1515
style="padding-bottom: <?= ($block->getRatio() * 100) ?>%;">
1616
<img class="<?= $escaper->escapeHtmlAttr($block->getClass()) ?>"
17-
<?= $escaper->escapeHtmlAttr($block->getCustomAttributes()) ?>
18-
src="<?= $escaper->escapeUrl($block->getImageUrl()) ?>"
19-
loading="lazy"
20-
width="<?= $escaper->escapeHtmlAttr($block->getWidth()) ?>"
21-
height="<?= $escaper->escapeHtmlAttr($block->getHeight()) ?>"
22-
alt="<?= /* @noEscape */ $block->stripTags($block->getLabel(), null, true) ?>"/></span>
17+
<?= $escaper->escapeHtmlAttr($block->getCustomAttributes()) ?>
18+
src="<?= $escaper->escapeUrl($block->getImageUrl()) ?>"
19+
loading="lazy"
20+
width="<?= $escaper->escapeHtmlAttr($block->getWidth()) ?>"
21+
height="<?= $escaper->escapeHtmlAttr($block->getHeight()) ?>"
22+
alt="<?= $escaper->escapeHtmlAttr($block->getLabel()) ?>"/></span>
2323
</span>

0 commit comments

Comments
 (0)