Merge pull request #572 from magento-jackalopes/MAGETWO-57251-eliminate-escapenotverified

Fixed Issue:

 - MAGETWO-57251 Eliminate @escapeNotVerified in CMS-Related Modules -translation function calls

Author: sdwright

app/code/Magento/CatalogWidget/view/frontend/templates/product/widget/content/grid.phtml

@@ -15,7 +15,6 @@
     $mode = 'grid';
 
     $image = 'new_products_content_widget_grid';
-    $title = $block->getTitle() ? __($block->getTitle()) : '';
     $items = $block->getProductCollection()->getItems();
 
     $showWishlist = true;
@@ -25,9 +24,9 @@
     $description = false;
 ?>
     <div class="block widget block-products-list <?php /* @noEscape */ echo $mode; ?>">
-        <?php if ($title): ?>
+        <?php if ($block->getTitle()): ?>
         <div class="block-title">
-            <strong><?php echo $block->escapeHtml($title); ?></strong>
+            <strong><?php echo $block->escapeHtml(__($block->getTitle())); ?></strong>
         </div>
         <?php endif ?>
         <div class="block-content">
@@ -64,27 +63,23 @@
                                             <div class="actions-primary">
                                                 <?php if ($_item->isSaleable()): ?>
                                                     <?php if ($_item->getTypeInstance()->hasRequiredOptions($_item)): ?>
-                                                        <button class="action tocart primary"
-                                                                data-mage-init='{"redirectUrl":{"url":"<?php echo $block->escapeUrl($block->getAddToCartUrl($_item)) ?>"}}'
-                                                                type="button" title="<?php /* @escapeNotVerified */ echo __('Add to Cart') ?>">
-                                                            <span><?php /* @escapeNotVerified */ echo __('Add to Cart') ?></span>
+                                                        <button class="action tocart primary" data-mage-init='{"redirectUrl":{"url":"<?php echo $block->escapeUrl($block->getAddToCartUrl($_item)) ?>"}}' type="button" title="<?php echo $block->escapeHtmlAttr(__('Add to Cart')) ?>">
+                                                            <span><?php echo $block->escapeHtml(__('Add to Cart')) ?></span>
                                                         </button>
                                                     <?php else: ?>
                                                         <?php
                                                             $postDataHelper = $this->helper('Magento\Framework\Data\Helper\PostHelper');
                                                             $postData = $postDataHelper->getPostData($block->getAddToCartUrl($_item), ['product' => $_item->getEntityId()])
                                                         ?>
-                                                        <button class="action tocart primary"
-                                                                data-post='<?php /* @noEscape */ echo $postData; ?>'
-                                                                type="button" title="<?php /* @escapeNotVerified */ echo __('Add to Cart') ?>">
-                                                            <span><?php /* @escapeNotVerified */ echo __('Add to Cart') ?></span>
+                                                        <button class="action tocart primary" data-post='<?php /* @noEscape */ echo $postData; ?>' type="button" title="<?php echo $block->escapeHtmlAttr(__('Add to Cart')) ?>">
+                                                            <span><?php echo $block->escapeHtml(__('Add to Cart')) ?></span>
                                                         </button>
                                                     <?php endif; ?>
                                                 <?php else: ?>
                                                     <?php if ($_item->getIsSalable()): ?>
-                                                        <div class="stock available"><span><?php /* @escapeNotVerified */ echo __('In stock') ?></span></div>
+                                                        <div class="stock available"><span><?php echo $block->escapeHtml(__('In stock')) ?></span></div>
                                                     <?php else: ?>
-                                                        <div class="stock unavailable"><span><?php /* @escapeNotVerified */ echo __('Out of stock') ?></span></div>
+                                                        <div class="stock unavailable"><span><?php echo $block->escapeHtml(__('Out of stock')) ?></span></div>
                                                     <?php endif; ?>
                                                 <?php endif; ?>
                                             </div>
@@ -93,18 +88,14 @@
                                             <div class="actions-secondary" data-role="add-to-links">
                                                 <?php if ($this->helper('Magento\Wishlist\Helper\Data')->isAllow() && $showWishlist): ?>
                                                     <a href="#"
-                                                       data-post='<?php /* @noEscape */ echo $block->getAddToWishlistParams($_item); ?>'
-                                                       class="action towishlist" data-action="add-to-wishlist"
-                                                       title="<?php /* @escapeNotVerified */ echo __('Add to Wish List') ?>">
-                                                        <span><?php /* @escapeNotVerified */ echo __('Add to Wish List') ?></span>
+                                                       data-post='<?php /* @noEscape */ echo $block->getAddToWishlistParams($_item); ?>' class="action towishlist" data-action="add-to-wishlist" title="<?php echo $block->escapeHtmlAttr(__('Add to Wish List')) ?>">
+                                                        <span><?php echo $block->escapeHtml(__('Add to Wish List')) ?></span>
                                                     </a>
                                                 <?php endif; ?>
                                                 <?php if ($block->getAddToCompareUrl() && $showCompare): ?>
                                                     <?php $compareHelper = $this->helper('Magento\Catalog\Helper\Product\Compare');?>
-                                                    <a href="#" class="action tocompare"
-                                                       data-post='<?php /* @noEscape */ echo $compareHelper->getPostDataParams($_item);?>'
-                                                       title="<?php /* @escapeNotVerified */ echo __('Add to Compare') ?>">
-                                                        <span><?php /* @escapeNotVerified */ echo __('Add to Compare') ?></span>
+                                                    <a href="#" class="action tocompare" data-post='<?php /* @noEscape */ echo $compareHelper->getPostDataParams($_item);?>' title="<?php echo $block->escapeHtmlAttr(__('Add to Compare')) ?>">
+                                                        <span><?php echo $block->escapeHtml(__('Add to Compare')) ?></span>
                                                     </a>
                                                 <?php endif; ?>
                                             </div>

app/code/Magento/Cms/view/adminhtml/templates/browser/content/files.phtml

@@ -21,11 +21,11 @@ $_height = $block->getImagesHeight();
         <?php endif; ?>
         </p>
         <?php if ($block->getFileWidth($file)): ?>
-            <small><?php echo $block->escapeHtml($block->getFileWidth($file)) ?>x<?php echo $block->escapeHtml($block->getFileHeight($file)) ?> <?php /* @escapeNotVerified */ echo __('px.') ?></small><br/>
+            <small><?php echo $block->escapeHtml($block->getFileWidth($file)) ?>x<?php echo $block->escapeHtml($block->getFileHeight($file)) ?> <?php echo $block->escapeHtml(__('px.')) ?></small><br/>
         <?php endif; ?>
         <small><?php echo $block->escapeHtml($block->getFileShortName($file)); ?></small>
     </div>
     <?php endforeach; ?>
 <?php else: ?>
-    <div class="empty"><?php /* @escapeNotVerified */ echo __('No files found') ?></div>
+    <div class="empty"><?php echo $block->escapeHtml(__('No files found')) ?></div>
 <?php endif; ?>

app/code/Magento/Cms/view/adminhtml/templates/browser/content/uploader.phtml

@@ -11,7 +11,7 @@
 
 <div id="<?php echo $block->getHtmlId() ?>" class="uploader">
     <span class="fileinput-button form-buttons">
-        <span><?php /* @escapeNotVerified */ echo __('Browse Files...') ?></span>
+        <span><?php echo $block->escapeHtml(__('Browse Files...')) ?></span>
         <input class="fileupload" type="file" name="<?php echo $block->escapeHtmlAttr($block->getConfig()->getFileField()) ?>" data-url="<?php echo $block->escapeUrl($block->getConfig()->getUrl()) ?>" multiple>
     </span>
     <div class="clear"></div>

app/code/Magento/Cms/view/adminhtml/templates/browser/tree.phtml

@@ -11,9 +11,9 @@
 <div class="tree-panel" >
     <div class="categories-side-col">
         <div class="tree-actions">
-            <a onclick="jQuery('[data-role=tree]').jstree('close_all');"><?php /* @escapeNotVerified */ echo __('Collapse All'); ?></a>
+            <a onclick="jQuery('[data-role=tree]').jstree('close_all');"><?php echo $block->escapeHtml(__('Collapse All')) ?></a>
             <span class="separator">|</span>
-            <a onclick="jQuery('[data-role=tree]').jstree('open_all');"><?php /* @escapeNotVerified */ echo __('Expand All'); ?></a>
+            <a onclick="jQuery('[data-role=tree]').jstree('open_all');"><?php echo $block->escapeHtml(__('Expand All')) ?></a>
         </div>
     </div>
     <div data-role="tree" data-mage-init='<?php echo $block->escapeHtml($this->helper('Magento\Framework\Json\Helper\Data')->jsonEncode($block->getTreeWidgetOptions())); ?>'>

app/code/Magento/Cms/view/frontend/templates/widget/link/link_block.phtml

@@ -3,9 +3,13 @@
  * Copyright © 2016 Magento. All rights reserved.
  * See COPYING.txt for license details.
  */
+
+/**
+ * @var \Magento\Cms\Block\Widget\Page\Link $block
+ */
 ?>
 <div class="widget block block-cms-link">
-    <a <?php /* @escapeNotVerified */ echo $block->getLinkAttributes() ?>>
+    <a <?php /* @noEscape */ echo $block->getLinkAttributes() ?>>
         <span><?php echo $block->escapeHtml($block->getLabel()) ?></span>
     </a>
 </div>

app/code/Magento/Cms/view/frontend/templates/widget/link/link_inline.phtml

@@ -3,9 +3,13 @@
  * Copyright © 2016 Magento. All rights reserved.
  * See COPYING.txt for license details.
  */
+
+/**
+ * @var \Magento\Cms\Block\Widget\Page\Link $block
+ */
 ?>
 <span class="widget block block-cms-link-inline">
-    <a <?php /* @escapeNotVerified */ echo $block->getLinkAttributes() ?>>
+    <a <?php /* @noEscape */ echo $block->getLinkAttributes() ?>>
         <span><?php echo $block->escapeHtml($block->getLabel()) ?></span>
     </a>
 </span>

app/code/Magento/UrlRewrite/view/adminhtml/templates/categories.phtml

@@ -9,7 +9,7 @@
 /** @var \Magento\UrlRewrite\Block\Catalog\Category\Tree $block */
 ?>
 <fieldset class="admin__fieldset" data-ui-id="category-selector">
-    <legend class="admin__legend"><span><?php /* @escapeNotVerified */ echo __('Select Category') ?></span></legend>
+    <legend class="admin__legend"><span><?php echo $block->escapeHtml(__('Select Category')) ?></span></legend>
     <div class="content content-category-tree">
         <input type="hidden" name="categories" id="product_categories" value="" />
         <?php if ($block->getRoot()): ?>

app/code/Magento/Widget/view/adminhtml/templates/catalog/category/widget/tree.phtml

@@ -79,7 +79,7 @@ jQuery(function()
                 // Add empty node to reset category filter
                 if(!emptyNodeAdded) {
                     var empty = Object.clone(_node);
-                    empty.text = '<?php /* @escapeNotVerified */ echo __('None') ?>';
+                    empty.text = '<?php echo $block->escapeJs($block->escapeHtml(__('None'))); ?>';
                     empty.children = [];
                     empty.id = 'none';
                     empty.path = '1/none';

app/code/Magento/Widget/view/adminhtml/templates/instance/edit/layout.phtml

@@ -10,7 +10,7 @@
 
 ?>
 <fieldset class="fieldset">
-    <legend class="legend"><span><?php /* @escapeNotVerified */ echo __('Layout Updates') ?></span></legend>
+    <legend class="legend"><span><?php echo $block->escapeHtml(__('Layout Updates')); ?></span></legend>
     <br />
     <div class="widget-layout-updates">
         <div id="page_group_container"></div>

dev/tests/static/testsuite/Magento/Test/Php/_files/whitelist/exempt_modules/ce.php

@@ -13,10 +13,8 @@
     'Magento_CatalogInventory',
     'Magento_CatalogRule',
     'Magento_CatalogSearch',
-    'Magento_CatalogWidget',
     'Magento_Checkout',
     'Magento_CheckoutAgreements',
-    'Magento_Cms',
     'Magento_Config',
     'Magento_ConfigurableProduct',
     'Magento_CurrencySymbol',
@@ -47,8 +45,6 @@
     'Magento_Theme',
     'Magento_Translation',
     'Magento_Ui',
-    'Magento_UrlRewrite',
     'Magento_User',
     'Magento_Weee',
-    'Magento_Widget',
 ];