Update jquery.metadata.js DOM text reinterpreted as HTML

[Shivam7-1]

Description (*)

By using innerText, it will avoid the risk of HTML injection, as these properties automatically escape any HTML special characters in the provided text. This helps prevent cross-site scripting (XSS) vulnerabilities by treating the input as plain text rather than interpreted HTML.

Contribution checklist (*)

• Pull request has a meaningful description of its purpose
• All commits are accompanied by meaningful commit messages
• All new or changed code is covered with unit/integration tests (if applicable)
• README.md files for modified modules are updated and included in the pull request if any README.md predefined sections require an update
• All automated tests passed successfully (all builds are green)

Resolved issues:

1. resolves [Issue] Update jquery.metadata.js DOM text reinterpreted as HTML #38852: Update jquery.metadata.js DOM text reinterpreted as HTML

[m2-assistant]

Hi @Shivam7-1. Thank you for your contribution!
Here are some useful tips on how you can test your changes using Magento test environment.

Add the comment under your pull request to deploy test or vanilla Magento instance:

• @magento give me test instance - deploy test instance based on PR changes
• @magento give me 2.4-develop instance - deploy vanilla Magento instance

❗ Automated tests can be triggered manually with an appropriate comment:

• @magento run all tests - run or re-run all required tests against the PR changes
• @magento run <test-build(s)> - run or re-run specific test build(s)
  For example: @magento run Unit Tests

<test-build(s)> is a comma-separated list of build names.

Allowed build names are:

1. Database Compare
2. Functional Tests CE
3. Functional Tests EE
4. Functional Tests B2B
5. Integration Tests
6. Magento Health Index
7. Sample Data Tests CE
8. Sample Data Tests EE
9. Sample Data Tests B2B
10. Static Tests
11. Unit Tests
12. WebAPI Tests
13. Semantic Version Checker

You can find more information about the builds here
ℹ️ Run only required test builds during development. Run all test builds before sending your pull request for review.

---

For more details, review the Code Contributions documentation.
Join Magento Community Engineering Slack and ask your questions in #github channel.

[Shivam7-1]

@magento run all tests

[engcom-Hotel]

@magento create issue

[engcom-Hotel]

Hello @Shivam7-1,

Thanks for your contribution!

We can see you have created multiple PRs with the same fix, some of them are as follows:

• Update js.phtml DOM text reinterpreted as HTML #38804
• Update details.js DOM text reinterpreted as HTML #38757
• Update js.js DOM text reinterpreted as HTML #38756

We request you to please merge all of them and create a single PR.

Thanks

[Shivam7-1]

Hi @engcom-Hotel
Thanks For Reviewing
I am waiting for greeting all PR

Could You please check into this

[engcom-Hotel]

Hello @Shivam7-1,

I suggest creating a single PR that includes all the changes from this PR as well as the PRs mentioned in this comment.

We will proceed with that newly created PR.

Thanks!

[Shivam7-1]

Hi @engcom-Hotel Thanks For Suggestion
But merging PR option is not available I think You are saying Squashing Of all PR in to one
But All other PR Braches are outdated I think all PR WOULD get Merged Seperately will be good for it As Some where innertext or innerHtml has been used So Separate PR is good I think

As All Comments in PR States That it Accepted
Thanks

[engcom-Hotel]

You can still merge them with a single PR. Please do the needful. We are moving this PR On Hold meanwhile.

Thanks

[Shivam7-1]

Hii @engcom-Hotel
I had Merged All PR to Single One please Check on this
#38945
Thanks

[engcom-Hotel]

Thanks @Shivam7-1, now can you please close this PR and the PRs mentioned in this #38836 (comment), as all code changes have been merged into this PR #38945

[Shivam7-1]

Hi @engcom-Hotel Is My All code for Reviewed and Merged also ?

[engcom-Hotel]

@Shivam7-1 it will be reviewed. But as you have created a single PR by merging all of the listed PR including this one. Then we can refer to the new PR for further processing. So please close this PR and all other PRs as well.

Thanks

[Shivam7-1]

Hi @engcom-Hotel I had Closed all Above PR
So can anyone From Team Review this All merge PR #38945

ASAP if Possible

[m2-assistant]

Hi @Shivam7-1. Thank you for your contribution!
Here are some useful tips on how you can test your changes using Magento test environment.
❗ Automated tests can be triggered manually with an appropriate comment:

• @magento run all tests - run or re-run all required tests against the PR changes
• @magento run <test-build(s)> - run or re-run specific test build(s)
  For example: @magento run Unit Tests

<test-build(s)> is a comma-separated list of build names.

Allowed build names are:

1. Database Compare
2. Functional Tests CE
3. Functional Tests EE
4. Functional Tests B2B
5. Integration Tests
6. Magento Health Index
7. Sample Data Tests CE
8. Sample Data Tests EE
9. Sample Data Tests B2B
10. Static Tests
11. Unit Tests
12. WebAPI Tests
13. Semantic Version Checker

You can find more information about the builds here
ℹ️ Run only required test builds during development. Run all test builds before sending your pull request for review.

---

For more details, review the Code Contributions documentation.
Join Magento Community Engineering Slack and ask your questions in #github channel.