Magento2: quotes not escaped for translations of "Not you?" message in persistent header

Created on 11 Jul 2016  路  8Comments  路  Source: magento/magento2

Steps to reproduce

  1. Install Magento 2.1.
  2. Install the French translation package by Imaginaerum (https://github.com/Imaginaerum/magento2-language-fr-fr).
  3. Set up to stores, the first with the default locale (en_US), the second with the locale fr_FR.
  4. Do whatever you have to do (activate the persistent shopping cart in the settings, make sure the settings are correct, create a customer account, log into that account, log out again, etc.) do get the "Not you?" message in the header in the store for en_US.

  5. Switch to the French store.

    Expected result

  6. No Javascript errors. In the header the message "Ce n'est pas vous?" should be displayed.

    Actual result

  7. You get the following Javascript error: SyntaxError: missing ; before statement (at least in Firefox, the wording will vary depending on the browser used). The problem will become particularly noticable if you go to the shopping cart page (while having something in the cart) in the store for fr_FR, since the cart summary will not render correctly as a consequence of the first Javascript error.

    Underling problem

In the file vendor/magento/module-persistent/Block/Header/Additional.php in the method _toHtml() the translation of the message "Not you?" is not escaped.

distributed-cd Clear Description Confirmed Format is not valid Ready for Work Reproduced on 2.1.x Reproduced on 2.2.x Reproduced on 2.3.x bug report
Source
picture ktruehl
👍1

Most helpful comment

I found another occurrence in vendor/magento/module-theme/Block/Html/Header.php in the method getWelcome(). Here the translation of the welcome message is not escaped. In French it's "Message d'accueil par d茅faut".

picture ktruehl on 15 Jul 2016
👍3

All 8 comments

I found another occurrence in vendor/magento/module-theme/Block/Html/Header.php in the method getWelcome(). Here the translation of the welcome message is not escaped. In French it's "Message d'accueil par d茅faut".

ktruehl picture ktruehl on 15 Jul 2016
👍3

@ktruehl thank you for your report.
Unfortunately I was not able to reproduce this problem.
Please provide some additional information like information about your environment: versions of PHP, MySQL, web server, Firefox versions. Was a new installation or upgrade from some previous version?
Please also provide screenshots for both described cases.

veloraven picture veloraven on 4 Aug 2016

MySQL 5.6, PHP 7.0.8, apache, reproducible in any browser. Look at the source code. You'll see why it will have to go wrong, if the welcome message contains a single quote.

ktruehl picture ktruehl on 4 Aug 2016

still present in 2.1.1

heldchen picture heldchen on 30 Aug 2016

I've created an internal ticket MAGETWO-58020 for this issue and linked it to this one.

andimov picture andimov on 2 Sep 2016

issue is still present in 2.1.4

bh-ref picture bh-ref on 20 Feb 2017

@ktruehl, thank you for your report.
We've created internal ticket(s) MAGETWO-58020 to track progress on the issue.

magento-engcom-team picture magento-engcom-team on 19 Oct 2017

According to comment in closed pull request this issue has been fixed in 2.2-develop branch

sidolov picture sidolov on 14 Apr 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jzalenski picture jzalenski  路  3Comments
PascalBrouwers picture PascalBrouwers  路  3Comments
BenSpace48 picture BenSpace48  路  3Comments
phirunson picture phirunson  路  3Comments
comunidademagento picture comunidademagento  路  3Comments