From 93ec6ea5801e6fae870e3dc91d821a6f67a5d3e0 Mon Sep 17 00:00:00 2001 From: Matthias Zeis Date: Mon, 11 Dec 2017 18:40:20 +0100 Subject: [PATCH] Remove @escapeNotVerified from documentation As `@escapeNotVerified` must not be used from 2.2 going onwards (also compare [2.1](http://devdocs.magento.com/guides/v2.1/frontend-dev-guide/templates/template-security.html#Static-Test) and [2.2](http://devdocs.magento.com/guides/v2.2/frontend-dev-guide/templates/template-security.html) documentation), the inline documentation for this test has to be updated. --- .../Magento/Test/Php/XssPhtmlTemplateTest.php | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/dev/tests/static/testsuite/Magento/Test/Php/XssPhtmlTemplateTest.php b/dev/tests/static/testsuite/Magento/Test/Php/XssPhtmlTemplateTest.php index 34531b6b7c658..fac14af5ecab8 100644 --- a/dev/tests/static/testsuite/Magento/Test/Php/XssPhtmlTemplateTest.php +++ b/dev/tests/static/testsuite/Magento/Test/Php/XssPhtmlTemplateTest.php @@ -27,16 +27,14 @@ public function testXssSensitiveOutput() * Static test will cover the following cases: * * 1. /\* @noEscape \*\/ before output. Output doesn't require escaping. Test is green. - * 2. /\* @escapeNotVerified \*\/ before output. Output escaping is not checked and - * should be verified. Test is green. - * 3. Methods which contains "html" in their names (e.g. echo $object->{suffix}Html{postfix}() ). + * 2. Methods which contains "html" in their names (e.g. echo $object->{suffix}Html{postfix}() ). * Data is ready for the HTML output. Test is green. - * 4. AbstractBlock methods escapeHtml, escapeUrl, escapeQuote, escapeXssInUrl are allowed. Test is green. - * 5. Type casting and php function count() are allowed + * 3. AbstractBlock methods escapeHtml, escapeUrl, escapeQuote, escapeXssInUrl are allowed. Test is green. + * 4. Type casting and php function count() are allowed * (e.g. echo (int)$var, echo (float)$var, echo (bool)$var, echo count($var)). Test is green. - * 6. Output in single quotes (e.g. echo 'some text'). Test is green. - * 7. Output in double quotes without variables (e.g. echo "some text"). Test is green. - * 8. Other of p.1-7. Output is not escaped. Test is red. + * 5. Output in single quotes (e.g. echo 'some text'). Test is green. + * 6. Output in double quotes without variables (e.g. echo "some text"). Test is green. + * 7. Other of p.1-6. Output is not escaped. Test is red. * * @param string $file */