From a819d0ac9aecb672a3f9a6b57277998d01654e8d Mon Sep 17 00:00:00 2001 From: Ludo Date: Wed, 12 Jun 2024 20:05:27 +0200 Subject: [PATCH] escape titles that weren't (#3514) --- sections/footer.liquid | 4 ++-- sections/main-article.liquid | 2 +- sections/main-cart-footer.liquid | 26 +++++++++++++++++++------- sections/main-cart-items.liquid | 4 ++-- sections/main-order.liquid | 20 ++++++++++---------- snippets/cart-drawer.liquid | 28 ++++++++++++++++++++-------- 6 files changed, 54 insertions(+), 30 deletions(-) diff --git a/sections/footer.liquid b/sections/footer.liquid index ec86bd71708..fcf8604b61c 100644 --- a/sections/footer.liquid +++ b/sections/footer.liquid @@ -95,7 +95,7 @@ href="{{ link.url }}" class="link link--text list-menu__item list-menu__item--link{% if link.active %} list-menu__item--active{% endif %}" > - {{ link.title }} + {{ link.title | escape }} {%- endfor -%} @@ -303,7 +303,7 @@ {%- if policy != blank -%}
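Review bot: The `href="{{ link.url }}"` context line directly above the changed title in the first footer.liquid hunk is still output without `escape`, so the same menu entry whose title needed escaping can still place a quote in the attribute if its URL can carry merchant-entered text. Consider `href="{{ link.url | escape }}"`, or add a comment stating that the platform already returns an attribute-safe value. Escaping only prevents attribute breakout and does not validate the URL scheme. The anchor markup around these lines is not visible in the hunk, so check this against the full file.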
  • {{ policy.title }}{{ policy.title | escape }}
  • {%- endif -%} diff --git a/sections/main-article.liquid b/sections/main-article.liquid index 9f0208d149a..9152432ac55 100644 --- a/sections/main-article.liquid +++ b/sections/main-article.liquid @@ -85,7 +85,7 @@
    {% render 'icon-arrow' %} - {{ 'blogs.article.back_to_blog' | t: title: blog.title }} + {{ 'blogs.article.back_to_blog' | t: title: blog.title | escape }}
    {%- if blog.comments_enabled? -%} diff --git a/sections/main-cart-footer.liquid b/sections/main-cart-footer.liquid index 11c2ee06129..2cfae877191 100644 --- a/sections/main-cart-footer.liquid +++ b/sections/main-cart-footer.liquid @@ -50,7 +50,7 @@ {%- for discount in cart.cart_level_discount_applications -%}
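Review bot: In `{{ 'blogs.article.back_to_blog' | t: title: blog.title | escape }}` the `escape` filter runs on the output of `t`, not on `blog.title`, because Liquid applies filters left to right. The whole translated string is therefore escaped, including any entity or markup a locale file puts in `back_to_blog`. If `t` already escapes interpolated values, the title would also be encoded twice, with `&` rendered as `&amp;`. Test with a blog title containing `&` and `<`; if double encoding appears, use `escape_once` in place of `escape`, or add a comment stating which layer is responsible for encoding.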
  • {%- render 'icon-discount' -%} - {{ discount.title }} + {{ discount.title | escape }} (-{{ discount.total_allocated_amount | money }})
  • {%- endfor -%} @@ -68,25 +68,37 @@ {%- if shop.shipping_policy.body == blank -%} {{ 'sections.cart.duties_and_taxes_included_shipping_at_checkout_without_policy' | t }} {%- else -%} - {{ 'sections.cart.duties_and_taxes_included_shipping_at_checkout_with_policy_html' | t: link: shop.shipping_policy.url }} - {%- endif -%} + {{ + 'sections.cart.duties_and_taxes_included_shipping_at_checkout_with_policy_html' + | t: link: shop.shipping_policy.url + }} + {%- endif -%} {%- elsif cart.duties_included == false and cart.taxes_included -%} {%- if shop.shipping_policy.body == blank -%} {{ 'sections.cart.taxes_included_shipping_at_checkout_without_policy' | t }} {%- else -%} - {{ 'sections.cart.taxes_included_shipping_at_checkout_with_policy_html' | t: link: shop.shipping_policy.url }} - {%- endif -%} + {{ + 'sections.cart.taxes_included_shipping_at_checkout_with_policy_html' + | t: link: shop.shipping_policy.url + }} + {%- endif -%} {%- elsif cart.duties_included and cart.taxes_included == false -%} {%- if shop.shipping_policy.body == blank -%} {{ 'sections.cart.duties_included_taxes_at_checkout_shipping_at_checkout_without_policy' | t }} {%- else -%} - {{ 'sections.cart.duties_included_taxes_at_checkout_shipping_at_checkout_with_policy_html' | t: link: shop.shipping_policy.url }} + {{ + 'sections.cart.duties_included_taxes_at_checkout_shipping_at_checkout_with_policy_html' + | t: link: shop.shipping_policy.url + }} {%- endif -%} {%- elsif cart.duties_included == false and cart.taxes_included == false -%} {%- if shop.shipping_policy.body == blank -%} {{ 'sections.cart.taxes_at_checkout_shipping_at_checkout_without_policy' | t }} {%- else -%} - {{ 'sections.cart.taxes_at_checkout_shipping_at_checkout_with_policy_html' | t: link: shop.shipping_policy.url }} + {{ + 'sections.cart.taxes_at_checkout_shipping_at_checkout_with_policy_html' + | t: link: shop.shipping_policy.url + }} {%- endif -%} {%- endif -%} 
diff --git a/sections/main-cart-items.liquid b/sections/main-cart-items.liquid index 1eb3f480aad..662faa8aa07 100644 --- a/sections/main-cart-items.liquid +++ b/sections/main-cart-items.liquid @@ -165,7 +165,7 @@ {%- for discount in item.line_level_discount_allocations -%}
  • {%- render 'icon-discount' -%} - {{ discount.discount_application.title }} + {{ discount.discount_application.title | escape }}
  • {%- endfor -%} @@ -281,7 +281,7 @@ {% render 'icon-remove' %} diff --git a/sections/main-order.liquid b/sections/main-order.liquid index 42a925650f6..012efbe1791 100644 --- a/sections/main-order.liquid +++ b/sections/main-order.liquid @@ -61,16 +61,16 @@ >
    {%- if line_item.url != blank -%} - {{ line_item.title }} + {{ line_item.title | escape }} {%- else -%} -

    {{ line_item.title }}

    +

    {{ line_item.title | escape }}

    {%- endif -%} {%- assign property_size = line_item.properties | size -%} {%- unless line_item.selling_plan_allocation == null and property_size == 0 -%}
    {%- unless line_item.product.has_only_default_variant -%} - {{ line_item.variant.title }} + {{ line_item.variant.title | escape }} {%- endunless -%} {%- unless line_item.selling_plan_allocation == null -%} @@ -103,7 +103,7 @@ - {{- discount_allocation.discount_application.title }} (- + {{- discount_allocation.discount_application.title | escape }} (- {{- discount_allocation.amount | money -}} ) @@ -245,7 +245,7 @@ - {{- discount_application.title -}} + {{- discount_application.title | escape -}} @@ -255,7 +255,7 @@ - {{- discount_application.title -}} + {{- discount_application.title | escape -}}
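Review bot: The line item properties and selling plan output that follow `{%- unless line_item.selling_plan_allocation == null and property_size == 0 -%}` in the first main-order.liquid hunk lie outside the hunk, so this change does not show whether they are escaped. The hunk covers only `line_item.title` and `line_item.variant.title`. Line item property values typically come from the customer's cart form, so they are at least as untrusted as the titles. Please confirm that the property name/value and selling plan name outputs below also use `| escape`. If they do, a short `{%- comment -%} all line item text is escaped at output {%- endcomment -%}` at the top of the block would record the convention.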
    @@ -265,12 +265,12 @@ {%- for shipping_method in order.shipping_methods -%} - {{ 'customer.order.shipping' | t }} ({{ shipping_method.title }}) + {{ 'customer.order.shipping' | t }} ({{ shipping_method.title | escape }}) {{ shipping_method.price | money }} @@ -279,13 +279,13 @@ {%- for tax_line in order.tax_lines -%} - {{ 'customer.order.tax' | t }} ({{ tax_line.title }} + {{ 'customer.order.tax' | t }} ({{ tax_line.title | escape }} {{ tax_line.rate | times: 100 }}%) {{ tax_line.price | money }} diff --git a/snippets/cart-drawer.liquid b/snippets/cart-drawer.liquid index 52b2f9a4fec..70a858a7984 100644 --- a/snippets/cart-drawer.liquid +++ b/snippets/cart-drawer.liquid @@ -326,7 +326,7 @@