diff --git a/src/module-elasticsuite-catalog/Model/Layer/Filter/Attribute.php b/src/module-elasticsuite-catalog/Model/Layer/Filter/Attribute.php index 09b5cda5c..43139e2f5 100644 --- a/src/module-elasticsuite-catalog/Model/Layer/Filter/Attribute.php +++ b/src/module-elasticsuite-catalog/Model/Layer/Filter/Attribute.php @@ -35,6 +35,11 @@ class Attribute extends \Magento\CatalogSearch\Model\Layer\Filter\Attribute impl */ private $tagFilter; + /** + * @var \Magento\Framework\Escaper + */ + private $escaper; + /** * @var boolean */ @@ -53,6 +58,7 @@ class Attribute extends \Magento\CatalogSearch\Model\Layer\Filter\Attribute impl * @param \Magento\Catalog\Model\Layer $layer Catalog product layer. * @param \Magento\Catalog\Model\Layer\Filter\Item\DataBuilder $itemDataBuilder Item data builder. * @param \Magento\Framework\Filter\StripTags $tagFilter String HTML tags filter. + * @param \Magento\Framework\Escaper $escaper Html Escaper. * @param \Smile\ElasticsuiteCatalog\Helper\ProductAttribute $mappingHelper Mapping helper. * @param array $data Custom data. */ @@ -62,6 +68,7 @@ public function __construct( \Magento\Catalog\Model\Layer $layer, \Magento\Catalog\Model\Layer\Filter\Item\DataBuilder $itemDataBuilder, \Magento\Framework\Filter\StripTags $tagFilter, + \Magento\Framework\Escaper $escaper, \Smile\ElasticsuiteCatalog\Helper\ProductAttribute $mappingHelper, array $data = [] ) { @@ -75,6 +82,7 @@ public function __construct( ); $this->tagFilter = $tagFilter; + $this->escaper = $escaper; $this->mappingHelper = $mappingHelper; } @@ -99,7 +107,7 @@ public function apply(\Magento\Framework\App\RequestInterface $request) $layerState = $this->getLayer()->getState(); foreach ($this->currentFilterValue as $currentFilter) { - $filter = $this->_createItem($currentFilter, $this->currentFilterValue); + $filter = $this->_createItem($this->escaper->escapeHtml($currentFilter), $this->currentFilterValue); $layerState->addFilter($filter); } }