MAGETWO-56444: UI-Related Modules Template Update

- Resolved incorrectly escaped templates

Author: Hwashiang Yu

app/code/Magento/Theme/view/adminhtml/templates/browser/content/uploader.phtml

@@ -11,7 +11,7 @@
     <span class="fileinput-button form-buttons">
         <span><?= $block->escapeHtml(__('Browse Files')) ?></span>
         <input id="fileupload" type="file" name="<?= $block->escapeHtmlAttr($block->getConfig()->getFileField()) ?>"
-            data-url="<?= $block->escapeHtmlAttr($block->escapeUrl($block->getConfig()->getUrl())) ?>" multiple>
+            data-url="<?= $block->escapeUrl($block->getConfig()->getUrl()) ?>" multiple>
     </span>
     <div class="clear"></div>
     <script id="<?= $block->getHtmlId() ?>-template" type="text/x-magento-template">

app/code/Magento/Theme/view/frontend/templates/html/pager.phtml

@@ -105,7 +105,7 @@
             <?php if (!$block->isLastPage()): ?>
                 <li class="item pages-item-next">
                     <?php $text = $block->getAnchorTextForNext() ? $block->getAnchorTextForNext() : '';?>
-                    <a class="<?= $block->escapeHtmlAttr($text ? 'link ' : 'action ') ?> next"
+                    <a class="<?= /* @noEscape */ $text ? 'link ' : 'action ' ?> next"
                        href="<?= $block->escapeUrl($block->getNextPageUrl()) ?>"
                        title="<?= $block->escapeHtmlAttr($text ? $text : __('Next')) ?>">
                         <span class="label"><?= $block->escapeHtml(__('Page')) ?></span>

app/code/Magento/Theme/view/frontend/templates/js/cookie.phtml

@@ -16,10 +16,10 @@
         "*": {
             "mage/cookies": {
                 "expires": null,
-                "path": "<?= /* @noEscape */ $block->getPath() ?>",
-                "domain": "<?= /* @noEscape */ $block->getDomain() ?>",
+                "path": "<?= $block->escapeJs($block->getPath()) ?>",
+                "domain": "<?= $block->escapeJs($block->getDomain()) ?>",
                 "secure": false,
-                "lifetime": "<?= /* @noEscape */ $block->getLifetime() ?>"
+                "lifetime": "<?= $block->escapeJs($block->getLifetime()) ?>"
             }
         }
     }

app/code/Magento/Theme/view/frontend/templates/link.phtml

@@ -12,8 +12,8 @@
 ?>
 <?php if (!$block->getIsDisabled()) : ?>
 <li>
-    <a href="<?= $block->escapeHtml($block->getHref()) ?>"
-        <?php if ($title = $block->getTitle()) : ?> title="<?= $block->escapeHtml(__($title)) ?>"<?php endif;?>>
+    <a href="<?= $block->escapeUrl($block->getHref()) ?>"
+        <?php if ($title = $block->getTitle()) : ?> title="<?= $block->escapeHtmlAttr(__($title)) ?>"<?php endif;?>>
         <?= $block->escapeHtml(__($block->getLabel())) ?>
     </a>
 </li>

app/code/Magento/Theme/view/frontend/templates/page/js/require_js.phtml

@@ -5,8 +5,8 @@
  */
 ?>
 <script>
-    var BASE_URL = '<?= $block->escapeJs($block->escapeUrl($block->getBaseUrl())) ?>';
+    var BASE_URL = '<?= $block->escapeUrl($block->getBaseUrl()) ?>';
     var require = {
-        "baseUrl": "<?= $block->escapeJs($block->escapeUrl($block->getViewFileUrl('/'))) ?>"
+        "baseUrl": "<?= $block->escapeUrl($block->getViewFileUrl('/')) ?>"
     };
 </script>