Merge remote-tracking branch 'mainline-ce/develop' into develop

app/code/Magento/AdminNotification/Controller/Adminhtml/Notification/AjaxMarkAsRead.php

@@ -15,7 +15,7 @@ class AjaxMarkAsRead extends \Magento\AdminNotification\Controller\Adminhtml\Not
      */
     public function execute()
     {
-        if (!$this->getRequest()->getPost()) {
+        if (!$this->getRequest()->getPostValue()) {
             return;
         }
         $notificationId = (int)$this->getRequest()->getPost('id');

app/code/Magento/Backend/App/AbstractAction.php

@@ -202,8 +202,7 @@ public function dispatch(\Magento\Framework\App\RequestInterface $request)
         }
 
         if ($request->isDispatched() && $request->getActionName() !== 'denied' && !$this->_isAllowed()) {
-            $this->_response->setHeader('HTTP/1.1', '403 Forbidden');
-            $this->_response->setHttpResponseCode(403);
+            $this->_response->setStatusHeader(403, '1.1', 'Forbidden');
             if (!$this->_auth->isLoggedIn()) {
                 return $this->_redirect('*/auth/login');
             }

app/code/Magento/Backend/App/Action/Plugin/Authentication.php

@@ -163,7 +163,7 @@ protected function _performLogin(\Magento\Framework\App\RequestInterface $reques
         $postLogin = $request->getPost('login');
         $username = isset($postLogin['username']) ? $postLogin['username'] : '';
         $password = isset($postLogin['password']) ? $postLogin['password'] : '';
-        $request->setPost('login', null);
+        $request->setPostValue('login', null);
 
         try {
             $this->_auth->login($username, $password);

app/code/Magento/Backend/App/Action/Plugin/MassactionKey.php

@@ -28,7 +28,7 @@ public function aroundDispatch(
         if ($key) {
             $postData = $request->getPost($key);
             $value = is_array($postData) ? $postData : explode(',', $postData);
-            $request->setPost($key, $value ? $value : null);
+            $request->setPostValue($key, $value ? $value : null);
         }
         return $proceed($request);
     }

app/code/Magento/Backend/Controller/Adminhtml/Denied.php

@@ -41,12 +41,12 @@ public function execute()
         if (!$this->_auth->isLoggedIn()) {
             /** @var \Magento\Backend\Model\View\Result\Redirect $resultRedirect */
             $resultRedirect = $this->resultRedirectFactory->create();
-            $resultRedirect->setHeader('HTTP/1.1', '403 Forbidden');
+            $resultRedirect->setStatusHeader(403, '1.1', 'Forbidden');
             return $resultRedirect->setPath('*/auth/login');
         }
         /** @var \Magento\Backend\Model\View\Result\Page $resultPage */
         $resultPage = $this->resultPageFactory->create();
-        $resultPage->setHeader('HTTP/1.1', '403 Forbidden');
+        $resultPage->setStatusHeader(403, '1.1', 'Forbidden');
         $resultPage->addHandle('adminhtml_denied');
         return $resultPage;
     }

app/code/Magento/Backend/Controller/Adminhtml/Noroute/Index.php

@@ -34,7 +34,7 @@ public function execute()
     {
         /** @var \Magento\Backend\Model\View\Result\Page $resultPage */
         $resultPage = $this->resultPageFactory->create();
-        $resultPage->setHeader('HTTP/1.1', '404 Not Found');
+        $resultPage->setStatusHeader(404, '1.1', 'Forbidden');
         $resultPage->setHeader('Status', '404 File not found');
         $resultPage->addHandle('adminhtml_noroute');
         return $resultPage;

app/code/Magento/Backend/Controller/Adminhtml/System/Design/Save.php

@@ -30,7 +30,7 @@ protected function _filterPostData($data)
      */
     public function execute()
     {
-        $data = $this->getRequest()->getPost();
+        $data = $this->getRequest()->getPostValue();
         /** @var \Magento\Backend\Model\View\Result\Redirect $resultRedirect */
         $resultRedirect = $this->resultRedirectFactory->create();
 

app/code/Magento/Backend/Controller/Adminhtml/System/Store/Save.php

@@ -17,7 +17,7 @@ public function execute()
     {
         /** @var \Magento\Backend\Model\View\Result\Redirect $redirectResult */
         $redirectResult = $this->resultRedirectFactory->create();
-        if ($this->getRequest()->isPost() && ($postData = $this->getRequest()->getPost())) {
+        if ($this->getRequest()->isPost() && ($postData = $this->getRequest()->getPostValue())) {
             if (empty($postData['store_type']) || empty($postData['store_action'])) {
                 $redirectResult->setPath('adminhtml/*/');
                 return $redirectResult;

app/code/Magento/Backend/etc/adminhtml/di.xml

@@ -17,7 +17,13 @@
     <preference for="Magento\Backend\App\ConfigInterface" type="Magento\Backend\App\Config" />
     <preference for="Magento\Framework\App\Response\Http\FileFactory" type="Magento\Backend\App\Response\Http\FileFactory" />
     <preference for="Magento\Framework\View\Layout\GeneratorPool" type="Magento\Backend\Model\View\Layout\GeneratorPool" />
-    <preference for="pageLayoutGeneratorPool" type="Magento\Backend\Model\View\Layout\GeneratorPool" />
+    <type name="Magento\Framework\View\Result\Page">
+        <arguments>
+            <argument name="layoutReaderPool" xsi:type="object">pageConfigRenderPool</argument>
+            <argument name="generatorPool" xsi:type="object">Magento\Backend\Model\View\Layout\GeneratorPool</argument>
+            <argument name="template" xsi:type="string">Magento_Theme::root.phtml</argument>
+        </arguments>
+    </type>
     <preference for="Magento\Framework\View\Layout\Reader\Block" type="Magento\Backend\Model\View\Layout\Reader\Block" />
     <preference for="Magento\Framework\Model\ActionValidator\RemoveAction" type="Magento\Framework\Model\ActionValidator\RemoveAction\Allowed" />
     <preference for="Magento\Framework\Session\Config\ConfigInterface" type="Magento\Backend\Model\Session\AdminConfig" />

app/code/Magento/Captcha/Model/Observer.php

@@ -204,7 +204,7 @@ public function checkUserCreate($observer)
             if (!$captchaModel->isCorrect($this->_getCaptchaString($controller->getRequest(), $formId))) {
                 $this->messageManager->addError(__('Incorrect CAPTCHA'));
                 $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
-                $this->_session->setCustomerFormData($controller->getRequest()->getPost());
+                $this->_session->setCustomerFormData($controller->getRequest()->getPostValue());
                 $url = $this->_urlManager->getUrl('*/*/create', ['_nosecret' => true]);
                 $controller->getResponse()->setRedirect($this->redirect->error($url));
             }

app/code/Magento/Catalog/Controller/Adminhtml/Category/Save.php

@@ -85,7 +85,7 @@ public function execute()
 
         $storeId = $this->getRequest()->getParam('store');
         $refreshTree = false;
-        $data = $this->getRequest()->getPost();
+        $data = $this->getRequest()->getPostValue();
         if ($data) {
             $category->addData($this->_filterCategoryPostData($data['general']));
             if (!$category->getId()) {

app/code/Magento/Catalog/Controller/Adminhtml/Product/Attribute/Save.php

@@ -96,7 +96,7 @@ public function __construct(
      */
     public function execute()
     {
-        $data = $this->getRequest()->getPost();
+        $data = $this->getRequest()->getPostValue();
         $resultRedirect = $this->resultRedirectFactory->create();
         if ($data) {
             $setId = $this->getRequest()->getParam('set');

app/code/Magento/Catalog/Controller/Adminhtml/Product/Save.php

@@ -67,7 +67,7 @@ public function execute()
         $productId = $this->getRequest()->getParam('id');
         $resultRedirect = $this->resultRedirectFactory->create();
 
-        $data = $this->getRequest()->getPost();
+        $data = $this->getRequest()->getPostValue();
         if ($data) {
             try {
                 $product = $this->initializationHelper->initialize($this->productBuilder->build($this->getRequest()));

app/code/Magento/Catalog/Controller/Product/Gallery.php

@@ -56,7 +56,8 @@ public function execute()
     {
         $result = null;
         if (!$this->_initProduct()) {
-            if (isset($_GET['store']) && !$this->getResponse()->isRedirect()) {
+            $store = $this->getRequest()->getQuery('store');
+            if (isset($store) && !$this->getResponse()->isRedirect()) {
                 $result = $this->resultRedirectFactory->create();
                 $result->setPath('');
             } elseif (!$this->getResponse()->isRedirect()) {

app/code/Magento/Catalog/Controller/Product/View.php

@@ -62,7 +62,8 @@ public function __construct(
      */
     protected function noProductRedirect()
     {
-        if (isset($_GET['store']) && !$this->getResponse()->isRedirect()) {
+        $store = $this->getRequest()->getQuery('store');
+        if (isset($store) && !$this->getResponse()->isRedirect()) {
             $resultRedirect = $this->resultRedirectFactory->create();
             return $resultRedirect->setPath('');
         } elseif (!$this->getResponse()->isRedirect()) {

app/code/Magento/Catalog/view/frontend/templates/product/view/details.phtml

@@ -10,7 +10,7 @@
 <?php if ($detailedInfoGroup = $block->getGroupChildNames('detailed_info', 'getChildHtml')):?>
     <div class="product info detailed">
         <?php $layout = $block->getLayout(); ?>
-        <div role="tablist" class="product data items" data-mage-init='{"tabs":{"openedState":"active"}}'>
+        <div class="product data items" data-mage-init='{"tabs":{"openedState":"active"}}'>
             <?php foreach ($detailedInfoGroup as $name):?>
                 <?php
                     $html = $layout->renderElement($name);
@@ -20,10 +20,20 @@
                     $alias = $layout->getElementAlias($name);
                     $label = $block->getChildData($alias, 'title');
                 ?>
-                <div class="data item title" data-role="collapsible">
-                    <a role="tab" class="data switch" data-toggle="switch" id="tab-label-<?php echo $alias;?>" href="#<?php echo $alias; ?>"><?php echo $label; ?></a>
+                <div class="data item title"
+                     aria-labeledby="tab-label-<?php echo $alias;?>-title"
+                     data-role="collapsible" id="tab-label-<?php echo $alias;?>">
+                    <a class="data switch"
+                       tabindex="-1"
+                       data-toggle="switch"
+                       href="#<?php echo $alias; ?>"
+                       id="tab-label-<?php echo $alias;?>-title">
+                        <?php echo $label; ?>
+                    </a>
+                </div>
+                <div class="data item content" id="<?php echo $alias; ?>" data-role="content">
+                    <?php echo $html; ?>
                 </div>
-                <div role="tabpanel" aria-labelledby="tab-label-<?php echo $alias;?>" class="data item content" id="<?php echo $alias; ?>" data-role="content"><?php echo $html; ?></div>
             <?php endforeach;?>
         </div>
     </div>

app/code/Magento/Catalog/view/frontend/templates/product/view/options/type/file.phtml

@@ -17,7 +17,7 @@
 <?php $class = ($_option->getIsRequire()) ? ' required' : ''; ?>
 
 <div class="field file<?php echo $class; ?>">
-    <label class="label">
+    <label class="label" for="<?php echo $_fileName; ?>" id="<?php echo $_fileName; ?>-label">
         <span><?php echo  $block->escapeHtml($_option->getTitle()) ?></span>
         <?php echo $block->getFormatedPrice() ?>
     </label>
@@ -44,6 +44,7 @@
             <?php echo $_fileExists ? 'style="display:none"' : '' ?>>
         <input type="file"
                name="<?php echo $_fileName; ?>"
+               id="<?php echo $_fileName; ?>"
                class="product-custom-option<?php echo $_option->getIsRequire() ? ' required' : '' ?>"
                <?php echo $_fileExists ? 'disabled="disabled"' : '' ?> />
         <input type="hidden" name="<?php echo $_fieldNameAction; ?>" value="<?php echo $_fieldValueAction; ?>" />

app/code/Magento/Catalog/view/frontend/templates/product/view/options/type/select.phtml

@@ -14,7 +14,7 @@ $_option = $block->getOption();
 $class = ($_option->getIsRequire()) ? ' required' : '';
 ?>
 <div class="field<?php echo $class; ?>">
-    <label class="label">
+    <label class="label" for="select_<?php echo $_option->getId() ?>">
         <span><?php echo  $block->escapeHtml($_option->getTitle()) ?></span>
     </label>
     <div class="control">

app/code/Magento/Catalog/view/frontend/templates/product/view/options/type/text.phtml

@@ -15,7 +15,7 @@ $class = ($_option->getIsRequire()) ? ' required' : '';
 <div class="field<?php if ($_option->getType() == \Magento\Catalog\Model\Product\Option::OPTION_TYPE_AREA) {
     echo ' textarea';
 } ?><?php echo $class ?>">
-    <label class="label">
+    <label class="label" for="options_<?php echo $_option->getId() ?>_text">
         <span><?php echo $block->escapeHtml($_option->getTitle()) ?></span>
         <?php echo $block->getFormatedPrice() ?>
     </label>

app/code/Magento/CatalogRule/Controller/Adminhtml/Promo/Catalog/Save.php

@@ -16,14 +16,14 @@ class Save extends \Magento\CatalogRule\Controller\Adminhtml\Promo\Catalog
      */
     public function execute()
     {
-        if ($this->getRequest()->getPost()) {
+        if ($this->getRequest()->getPostValue()) {
             try {
                 $model = $this->_objectManager->create('Magento\CatalogRule\Model\Rule');
                 $this->_eventManager->dispatch(
                     'adminhtml_controller_catalogrule_prepare_save',
                     ['request' => $this->getRequest()]
                 );
-                $data = $this->getRequest()->getPost();
+                $data = $this->getRequest()->getPostValue();
                 $inputFilter = new \Zend_Filter_Input(
                     ['from_date' => $this->_dateFilter, 'to_date' => $this->_dateFilter],
                     [],

app/code/Magento/CatalogSearch/Block/Advanced/Result.php

@@ -160,7 +160,7 @@ public function getProductListHtml()
     public function getFormUrl()
     {
         return $this->_urlFactory->create()->addQueryParams(
-            $this->getRequest()->getQuery()
+            $this->getRequest()->getQueryValue()
         )->getUrl(
             '*/*/',
             ['_escape' => true]

app/code/Magento/CatalogSearch/Controller/Advanced/Result.php

@@ -61,13 +61,13 @@ public function execute()
     {
         try {
             $this->layerResolver->create('advanced');
-            $this->_catalogSearchAdvanced->addFilters($this->getRequest()->getQuery());
+            $this->_catalogSearchAdvanced->addFilters($this->getRequest()->getQueryValue());
             $this->_view->loadLayout();
             $this->_view->renderLayout();
         } catch (\Magento\Framework\Model\Exception $e) {
             $this->messageManager->addError($e->getMessage());
             $defaultUrl = $this->_urlFactory->create()
-                ->addQueryParams($this->getRequest()->getQuery())
+                ->addQueryParams($this->getRequest()->getQueryValue())
                 ->getUrl('*/*/');
             $this->getResponse()->setRedirect($this->_redirect->error($defaultUrl));
         }

app/code/Magento/CatalogUrlRewrite/Observer/CategorySaveRewritesHistorySetter.php

@@ -18,7 +18,7 @@ public function invoke(Observer $observer)
     {
         /** @var Category $category */
         $category = $observer->getEvent()->getCategory();
-        $data = $observer->getEvent()->getRequest()->getPost();
+        $data = $observer->getEvent()->getRequest()->getPostValue();
 
         /**
          * Create Permanent Redirect for old URL key

app/code/Magento/Checkout/Controller/Onepage.php

@@ -169,7 +169,7 @@ public function dispatch(RequestInterface $request)
     protected function _ajaxRedirectResponse()
     {
         $resultRaw = $this->resultRawFactory->create();
-        $resultRaw->setHeader('HTTP/1.1', '403 Session Expired')
+        $resultRaw->setStatusHeader(403, '1.1', 'Session Expired')
             ->setHeader('Login-Required', 'true');
         return $resultRaw;
     }

app/code/Magento/Checkout/view/frontend/templates/cart/form.phtml

@@ -37,16 +37,26 @@
     </div>
     <div class="cart main actions">
         <?php if ($block->getContinueShoppingUrl()): ?>
-            <a class="action continue" href="<?php echo $block->getContinueShoppingUrl() ?>" title="<?php echo __('Continue Shopping') ?>">
+            <a class="action continue"
+               href="<?php echo $block->getContinueShoppingUrl() ?>"
+               title="<?php echo $block->escapeHtml(__('Continue Shopping')); ?>">
                 <span><?php echo __('Continue Shopping') ?></span>
             </a>
         <?php endif; ?>
-        <button type="submit" name="update_cart_action" value="update_qty" title="<?php echo __('Update Shopping Cart'); ?>" class="action update">
-            <span><?php echo __('Update Shopping Cart'); ?></span>
-        </button>
-        <button type="submit" name="update_cart_action" value="empty_cart" title="<?php echo __('Clear Shopping Cart'); ?>" class="action clear" id="empty_cart_button">
+        <button type="submit"
+                name="update_cart_action"
+                value="empty_cart"
+                title="<?php echo $block->escapeHtml(__('Clear Shopping Cart')); ?>"
+                class="action clear" id="empty_cart_button">
             <span><?php echo __('Clear Shopping Cart'); ?></span>
         </button>
+        <button type="submit"
+                name="update_cart_action"
+                value="update_qty"
+                title="<?php echo $block->escapeHtml(__('Update Shopping Cart')); ?>"
+                class="action update">
+            <span><?php echo __('Update Shopping Cart'); ?></span>
+        </button>
         <!--[if lt IE 8]>
         <input type="hidden" value="" id="update_cart_action_container" />
         <![endif]-->