Magento2: escapeHtml not working for tags with attributes

Created on 12 Apr 2017 · 3Comments · Source: magento/magento2

Preconditions

Magento Enterprise 2.1.4
PHP 7.0.13

Steps to reproduce

Add the following to any template file. Works e.g. in logo.phtml.
<?php echo $block->escapeHtml('<a href="#">standard link</a>', ['a']); ?>
compare output with
<?php echo $block->escapeHtml('<a>standard link</a>', ['a']); ?>
Replicates with other tags e.g. <p> vs <p class=''>

Expected result

Tag escaping works regardless of tag attributes and not only for very simple tags such as <br/>
HTML: <a href="#">standard link</a> <a>standard link</a>

Actual result

wth
HTML: <a href="#">standard link <a>standard link</a>

Cannot Reproduce Clear Description Format is valid bug report

Source

magentomaniac

👍2

All 3 comments

Experiencing same issue with CE 2.1.4. For my issue, I had to change the code
FROM:
TO:

Note the data-bind type.

digitalredefned on 12 Apr 2017

😕2

This issue is resolved in updated version of magento 2.2 CE not sure in Enterprise version.

drsndodiya on 24 Apr 2017

@magentomaniac, thank you for your report.
We were not able to reproduce this issue by following the steps you provided. If you'd like to update it, please reopen the issue.
We tested the issue on 2.1.9

magento-engcom-team on 4 Oct 2017

Was this page helpful?

0 / 5 - 0 ratings

Related issues

i18n lacks option to collect only frontend phrases

kandrejevs · 3Comments

Issue with drag&drop setting bulk Images for configurable products

fvillata · 3Comments

Static content deploy - Errors aren't very helpful

BenSpace48 · 3Comments

sampledata:deploy fails with the message «No such file or directory» when a third-party composer package contains multiple Magento 2 modules (and my fix)

dmitry-fedyuk · 3Comments

Merge JavaScript Files does not work

andreaskoch · 3Comments