diff --git a/lib/internal/Magento/Framework/Escaper.php b/lib/internal/Magento/Framework/Escaper.php index dae830dd889dc..dae5d99960f0f 100644 --- a/lib/internal/Magento/Framework/Escaper.php +++ b/lib/internal/Magento/Framework/Escaper.php @@ -291,7 +291,7 @@ public function escapeUrl($string) */ public function encodeUrlParam($string) { - return $this->getEscaper()->escapeUrl($string); + return $this->getEscaper()->escapeUrl((string)$string); } /** @@ -330,7 +330,7 @@ function ($matches) { */ public function escapeCss($string) { - return $this->getEscaper()->escapeCss($string); + return $this->getEscaper()->escapeCss((string)$string); } /** diff --git a/lib/internal/Magento/Framework/Test/Unit/EscaperTest.php b/lib/internal/Magento/Framework/Test/Unit/EscaperTest.php index 67dac40863ad4..91cc99d09c6a3 100644 --- a/lib/internal/Magento/Framework/Test/Unit/EscaperTest.php +++ b/lib/internal/Magento/Framework/Test/Unit/EscaperTest.php @@ -364,6 +364,76 @@ public function testEscapeUrl(string $data, string $expected): void $this->assertEquals($expected, $this->escaper->escapeUrl($expected)); } + /** + * @covers \Magento\Framework\Escaper::escapeCss + * + * @param string $data + * @param string $expected + * @return void + * + * @dataProvider escapeCssDataProvider + */ + public function testEscapeCss($data, string $expected): void + { + $this->assertEquals($expected, $this->escaper->escapeCss($data)); + } + + /** + * @return array + */ + public function escapeCssDataProvider(): array + { + return [ + [ + 'data' => 1, + 'expected' => '1', + ], + [ + 'data' => '*%string{foo}%::', + 'expected' => '\2A \25 string\7B foo\7D \25 \3A \3A ', + ] + ]; + } + + /** + * @covers \Magento\Framework\Escaper::encodeUrlParam + * + * @param string $data + * @param string $expected + * @return void + * + * @dataProvider encodeUrlParamDataProvider + */ + public function testEncodeUrlParam($data, string $expected): void + { + $this->assertEquals($expected, $this->escaper->encodeUrlParam($data)); + } + + /** + * @return array + */ + public function encodeUrlParamDataProvider(): array + { + return [ + [ + 'data' => "a3==", + 'expected' => "a3%3D%3D", + ], + [ + 'data' => "example string", + 'expected' => "example%20string", + ], + [ + 'data' => 1, + 'expected' => "1", + ], + [ + 'data' => null, + 'expected' => "", + ] + ]; + } + /** * @return array */ diff --git a/lib/internal/Magento/Framework/Url/RouteParamsResolver.php b/lib/internal/Magento/Framework/Url/RouteParamsResolver.php index eac9005e68548..3d5b559e97843 100644 --- a/lib/internal/Magento/Framework/Url/RouteParamsResolver.php +++ b/lib/internal/Magento/Framework/Url/RouteParamsResolver.php @@ -112,7 +112,7 @@ public function setRouteParams(array $data, $unsetOldParams = true) } else { $this->setRouteParam( $this->getEscaper()->encodeUrlParam($key), - $this->getEscaper()->encodeUrlParam($value) + $this->getEscaper()->encodeUrlParam((string)$value) ); } }