avoid using deprecated escape* methods from AbstractBlock

app/code/Magento/AdminAnalytics/view/adminhtml/templates/tracking.phtml

@@ -6,6 +6,7 @@
 
 /**
  * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
  */
 ?>
 
@@ -24,15 +25,15 @@
 $metadata = $block->getMetadata();
 $scriptString = '
     var adminAnalyticsMetadata = {
-        "secure_base_url": "' . $block->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
-        "version": "' . $block->escapeJs($metadata->getMagentoVersion()) . '",
-        "product_edition": "' . $block->escapeJs($metadata->getProductEdition()) . '",
-        "user": "' . $block->escapeJs($metadata->getCurrentUser()) . '",
-        "mode": "' . $block->escapeJs($metadata->getMode()) . '",
-        "store_name_default": "' . $block->escapeJs($metadata->getStoreNameForScope()) . '",
-        "admin_user_created": "' . $block->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
-        "admin_user_logdate": "' . $block->escapeJs($metadata->getCurrentUserLogDate()) . '",
-        "admin_user_role_name": "' . $block->escapeJs($metadata->getCurrentUserRoleName()) . '"
+        "secure_base_url": "' . $escaper->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
+        "version": "' . $escaper->escapeJs($metadata->getMagentoVersion()) . '",
+        "product_edition": "' . $escaper->escapeJs($metadata->getProductEdition()) . '",
+        "user": "' . $escaper->escapeJs($metadata->getCurrentUser()) . '",
+        "mode": "' . $escaper->escapeJs($metadata->getMode()) . '",
+        "store_name_default": "' . $escaper->escapeJs($metadata->getStoreNameForScope()) . '",
+        "admin_user_created": "' . $escaper->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
+        "admin_user_logdate": "' . $escaper->escapeJs($metadata->getCurrentUserLogDate()) . '",
+        "admin_user_role_name": "' . $escaper->escapeJs($metadata->getCurrentUserRoleName()) . '"
     };
 ';
 ?>

app/code/Magento/AdminNotification/view/adminhtml/templates/notification/window.phtml

@@ -7,6 +7,7 @@
 /**
  * @see \Magento\AdminNotification\Block\Window
  * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
  */
 ?>
 <ul class="message-system-list"
@@ -15,13 +16,13 @@
             "autoOpen": true,
             "buttons": false,
             "modalClass": "modal-system-messages",
-            "title": "<?= $block->escapeHtmlAttr($block->getHeaderText()) ?>"
+            "title": "<?= $escaper->escapeHtmlAttr($block->getHeaderText()) ?>"
         }
     }'>
     <li class="message message-warning warning">
-        <?= $block->escapeHtml($block->getNoticeMessageText()) ?><br/>
-        <a href="<?= $block->escapeUrl($block->getNoticeMessageUrl()) ?>">
-            <?= $block->escapeHtml($block->getReadDetailsText()) ?>
+        <?= $escaper->escapeHtml($block->getNoticeMessageText()) ?><br/>
+        <a href="<?= $escaper->escapeUrl($block->getNoticeMessageUrl()) ?>">
+            <?= $escaper->escapeHtml($block->getReadDetailsText()) ?>
         </a>
     </li>
 </ul>

app/code/Magento/AdminNotification/view/adminhtml/templates/system/messages.phtml

@@ -4,7 +4,11 @@
  * See COPYING.txt for license details.
  */
 
-/** @var $block \Magento\AdminNotification\Block\System\Messages */
+/**
+ * @var \Magento\AdminNotification\Block\System\Messages $block
+ * @var \Magento\Framework\Escaper $escaper
+ */
+
 ?>
 
 <?php $lastCritical = $block->getLastCritical();?>
@@ -15,31 +19,31 @@
         <?php if ($lastCritical) : ?>
             <ul class="message-system-list">
                 <li class="message message-warning error">
-                    <?= $block->escapeHtml($lastCritical->getText()) ?>
+                    <?= $escaper->escapeHtml($lastCritical->getText()) ?>
                 </li>
             </ul>
         <?php endif; ?>
         <div class="message-system-short">
             <span class="message-system-short-label">
-                <?= $block->escapeHtml(__('System Messages:')) ?>
+                <?= $escaper->escapeHtml(__('System Messages:')) ?>
             </span>
 
             <?php if ($block->getCriticalCount()) : ?>
                 <div class="message message-warning error">
-                    <a class="message-link" href="#" title="<?= $block->escapeHtml(__('Critical System Messages')) ?>">
+                    <a class="message-link" href="#" title="<?= $escaper->escapeHtml(__('Critical System Messages')) ?>">
                         <?= (int) $block->getCriticalCount() ?>
                     </a>
                 </div>
             <?php endif; ?>
 
             <?php if ($block->getMajorCount()) : ?>
                <div class="message message-warning warning">
-                   <a class="message-link" href="#" title="<?= $block->escapeHtml(__('Major System Messages')) ?>">
+                   <a class="message-link" href="#" title="<?= $escaper->escapeHtml(__('Major System Messages')) ?>">
                        <?= (int) $block->getMajorCount() ?>
                    </a>
                </div>
             <?php endif; ?>
         </div>
-        <div id="message-system-all" title="<?= $block->escapeHtml(__('System messages')) ?>" data-mage-init='<?= $block->escapeHtml($block->getSystemMessageDialogJson()) ?>'></div>
+        <div id="message-system-all" title="<?= $escaper->escapeHtml(__('System messages')) ?>" data-mage-init='<?= $escaper->escapeHtml($block->getSystemMessageDialogJson()) ?>'></div>
     </div>
 </div>

app/code/Magento/AdminNotification/view/adminhtml/templates/system/messages/popup.phtml

@@ -4,16 +4,20 @@
  * See COPYING.txt for license details.
  */
 
-/** @var $block \Magento\AdminNotification\Block\System\Messages\UnreadMessagePopup */
-/** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
+/**
+ * @var \Magento\AdminNotification\Block\System\Messages\UnreadMessagePopup $block
+ * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
+ */
+
 ?>
 
 <div id="system_messages_list" data-role="system_messages_list"
-     title="<?= $block->escapeHtmlAttr($block->getPopupTitle()) ?>">
+     title="<?= $escaper->escapeHtmlAttr($block->getPopupTitle()) ?>">
     <ul class="message-system-list messages">
         <?php foreach ($block->getUnreadMessages() as $message): ?>
-            <li class="message message-warning <?= $block->escapeHtmlAttr($block->getItemClass($message)) ?>">
-                <?= $block->escapeHtml($message->getText()) ?>
+            <li class="message message-warning <?= $escaper->escapeHtmlAttr($block->getItemClass($message)) ?>">
+                <?= $escaper->escapeHtml($message->getText()) ?>
             </li>
         <?php endforeach;?>
     </ul>

app/code/Magento/AdminNotification/view/adminhtml/templates/toolbar_entry.phtml

@@ -4,7 +4,10 @@
  * See COPYING.txt for license details.
  */
 
-/** @var $this \Magento\AdminNotification\Block\ToolbarEntry */
+/**
+ * @var $this \Magento\AdminNotification\Block\ToolbarEntry
+ * @var \Magento\Framework\Escaper $escaper
+ */
 
     $notificationCount = $block->getUnreadNotificationCount();
     $notificationCounterMax = $block->getNotificationCounterMax();
@@ -15,67 +18,67 @@
     data-notification-count="<?= (int)$notificationCount ?>">
     <?php if ($notificationCount > 0) : ?>
         <a
-            href="<?= $block->escapeUrl($block->getUrl('adminhtml/notification/index')) ?>"
+            href="<?= $escaper->escapeUrl($block->getUrl('adminhtml/notification/index')) ?>"
             class="notifications-action admin__action-dropdown"
             data-mage-init='{"dropdown":{}}'
-            title="<?= $block->escapeHtmlAttr(__('Notifications')) ?>"
+            title="<?= $escaper->escapeHtmlAttr(__('Notifications')) ?>"
             data-toggle="dropdown">
             <span class="notifications-counter">
                 <?= /* @noEscape */ ($notificationCount > $notificationCounterMax) ? (int)$notificationCounterMax . '+' : (int)$notificationCount ?>
             </span>
         </a>
         <ul
             class="admin__action-dropdown-menu"
-            data-mark-as-read-url="<?= $block->escapeUrl($block->getUrl('adminhtml/notification/ajaxMarkAsRead')) ?>">
+            data-mark-as-read-url="<?= $escaper->escapeUrl($block->getUrl('adminhtml/notification/ajaxMarkAsRead')) ?>">
             <?php foreach ($block->getLatestUnreadNotifications() as $notification) : ?>
                 <?php /** @var $notification \Magento\AdminNotification\Model\Inbox */ ?>
                 <li class="notifications-entry<?php if ($notification->getSeverity() == 1) : ?> notifications-critical<?php endif; ?>"
-                    data-notification-id="<?= $block->escapeHtmlAttr($notification->getId()) ?>"
+                    data-notification-id="<?= $escaper->escapeHtmlAttr($notification->getId()) ?>"
                     data-notification-severity="<?php if ($notification->getSeverity() == 1) : ?>1<?php endif; ?>">
                     <?php
                         $notificationDescription = $notification->getDescription();
                         $notificationDescriptionLength = $block->getNotificationDescriptionLength();
                     ?>
                     <strong class="notifications-entry-title">
-                        <?= $block->escapeHtml($notification->getTitle()) ?>
+                        <?= $escaper->escapeHtml($notification->getTitle()) ?>
                     </strong>
                     <?php if (strlen($notificationDescription) > $notificationDescriptionLength) : ?>
                         <p class="notifications-entry-description _cutted">
                             <span class="notifications-entry-description-start">
-                                <?= $block->escapeHtml(substr($notificationDescription, 0, $notificationDescriptionLength)) ?>
+                                <?= $escaper->escapeHtml(substr($notificationDescription, 0, $notificationDescriptionLength)) ?>
                             </span>
                             <span class="notifications-entry-description-end">
-                                <?= $block->escapeHtml(substr($notificationDescription, $notificationDescriptionLength)) ?>
+                                <?= $escaper->escapeHtml(substr($notificationDescription, $notificationDescriptionLength)) ?>
                             </span>
                         </p>
                     <?php else : ?>
                         <p class="notifications-entry-description">
-                            <?= $block->escapeHtml($notificationDescription) ?>
+                            <?= $escaper->escapeHtml($notificationDescription) ?>
                         </p>
                     <?php endif; ?>
                     <time class="notifications-entry-time">
-                        <?= $block->escapeHtml($block->formatNotificationDate($notification->getDateAdded())) ?>
+                        <?= $escaper->escapeHtml($block->formatNotificationDate($notification->getDateAdded())) ?>
                     </time>
                     <button
                         type="button"
                         class="notifications-close"
-                        title="<?= $block->escapeHtmlAttr(__('Close')) ?>"
+                        title="<?= $escaper->escapeHtmlAttr(__('Close')) ?>"
                         ></button>
                 </li>
             <?php endforeach; ?>
             <li class="notifications-entry notifications-entry-last">
                 <a
-                    href="<?= $block->escapeUrl($block->getUrl('adminhtml/notification/index')) ?>"
+                    href="<?= $escaper->escapeUrl($block->getUrl('adminhtml/notification/index')) ?>"
                     class="action-tertiary action-more">
-                    <?= $block->escapeHtml(__('See All (')) ?><span class="notifications-counter"><?= (int)$notificationCount ?></span><?= $block->escapeHtml(__(' unread)')) ?>
+                    <?= $escaper->escapeHtml(__('See All (')) ?><span class="notifications-counter"><?= (int)$notificationCount ?></span><?= $escaper->escapeHtml(__(' unread)')) ?>
                 </a>
             </li>
         </ul>
     <?php else : ?>
         <a
             class="notifications-action admin__action-dropdown"
-            href="<?= $block->escapeUrl($block->getUrl('adminhtml/notification/index')) ?>"
-            title="<?= $block->escapeHtmlAttr(__('Notifications')) ?>">
+            href="<?= $escaper->escapeUrl($block->getUrl('adminhtml/notification/index')) ?>"
+            title="<?= $escaper->escapeHtmlAttr(__('Notifications')) ?>">
         </a>
     <?php endif; ?>
 </div>

app/code/Magento/AdvancedSearch/view/adminhtml/templates/system/config/testconnection.phtml

@@ -3,12 +3,16 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
+/**
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
 <button class="scalable" type="button" id="<?= $block->getHtmlId() ?>" data-mage-init='{"testConnection":{
-    "url": "<?= $block->escapeUrl($block->getAjaxUrl()) ?>",
+    "url": "<?= $escaper->escapeUrl($block->getAjaxUrl()) ?>",
     "elementId": "<?= $block->getHtmlId() ?>",
-    "successText": "<?= $block->escapeHtmlAttr(__('Successful! Test again?')) ?>",
-    "failedText": "<?= $block->escapeHtmlAttr(__('Connection failed! Test again?')) ?>",
+    "successText": "<?= $escaper->escapeHtmlAttr(__('Successful! Test again?')) ?>",
+    "failedText": "<?= $escaper->escapeHtmlAttr(__('Connection failed! Test again?')) ?>",
     "fieldMapping": "<?= /* @noEscape */ $block->getFieldMapping() ?>"}, "validation": {}}'>
-    <span id="<?= $block->getHtmlId() ?>_result"><?= $block->escapeHtml($block->getButtonLabel()) ?></span>
+    <span id="<?= $block->getHtmlId() ?>_result"><?= $escaper->escapeHtml($block->getButtonLabel()) ?></span>
 </button>

app/code/Magento/AdvancedSearch/view/frontend/templates/search_data.phtml

@@ -6,18 +6,19 @@
 
 /**
  * @var \Magento\AdvancedSearch\Block\SearchData $block
+ * @var \Magento\Framework\Escaper $escaper
  */
 ?>
 <?php
 /** @var \Magento\Search\Model\QueryResult[] $data */
 $data = $block->getItems();
 if (count($data)) : ?>
     <dl class="block">
-        <dt class="title"><?= $block->escapeHtml(__($block->getTitle())) ?></dt>
+        <dt class="title"><?= $escaper->escapeHtml(__($block->getTitle())) ?></dt>
         <?php foreach ($data as $additionalInfo) : ?>
             <dd class="item">
-                <a href="<?= $block->escapeUrl($block->getLink($additionalInfo->getQueryText())) ?>"
-                    ><?= $block->escapeHtml($additionalInfo->getQueryText()) ?></a>
+                <a href="<?= $escaper->escapeUrl($block->getLink($additionalInfo->getQueryText())) ?>"
+                    ><?= $escaper->escapeHtml($additionalInfo->getQueryText()) ?></a>
                 <?php if ($block->isShowResultsCount()) : ?>
                     <span class="count"><?= /* @noEscape */ (int)$additionalInfo->getResultsCount() ?></span>
                 <?php endif; ?>

app/code/Magento/Analytics/view/adminhtml/templates/dashboard/section.phtml

@@ -3,25 +3,30 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
+/**
+ * @var \Magento\Framework\Escaper $escaper
+ */
+
 ?>
 
 <section class="dashboard-advanced-reports" data-index="dashboard-advanced-reports">
     <div class="dashboard-advanced-reports-description">
         <header class="dashboard-advanced-reports-title">
-            <?= $block->escapeHtml(__('Advanced Reporting')) ?>
+            <?= $escaper->escapeHtml(__('Advanced Reporting')) ?>
         </header>
         <div class="dashboard-advanced-reports-content">
-            <?= $block->escapeHtml(__('Gain new insights and take command of your business\' performance,' .
+            <?= $escaper->escapeHtml(__('Gain new insights and take command of your business\' performance,' .
                 ' using our dynamic product, order, and customer reports tailored to your customer data.')) ?>
         </div>
     </div>
     <div class="dashboard-advanced-reports-actions">
-        <a href="<?= $block->escapeUrl($block->getUrl('analytics/reports/show')) ?>"
+        <a href="<?= $escaper->escapeUrl($block->getUrl('analytics/reports/show')) ?>"
            target="_blank"
            class="action action-advanced-reports"
            data-index="analytics-service-link"
-           title="<?= $block->escapeHtmlAttr(__('Go to Advanced Reporting')) ?>">
-            <span><?= $block->escapeHtml(__('Go to Advanced Reporting')) ?></span>
+           title="<?= $escaper->escapeHtmlAttr(__('Go to Advanced Reporting')) ?>">
+            <span><?= $escaper->escapeHtml(__('Go to Advanced Reporting')) ?></span>
         </a>
     </div>
 </section>

app/code/Magento/Backend/view/adminhtml/templates/admin/access_denied.phtml

@@ -9,23 +9,27 @@
  * @see \Magento\Backend\Block\Denied
  */
 
+/**
+ * @var \Magento\Framework\Escaper $escaper
+ */
+
 // phpcs:disable Magento2.Security.Superglobal
 ?>
 <hr class="access-denied-hr"/>
 <div class="access-denied-page">
-    <h2 class="page-heading"><?= $block->escapeHtml(__('Sorry, you need permissions to view this content.')) ?></h2>
-    <strong><?= $block->escapeHtml(__('Next steps')) ?></strong>
+    <h2 class="page-heading"><?= $escaper->escapeHtml(__('Sorry, you need permissions to view this content.')) ?></h2>
+    <strong><?= $escaper->escapeHtml(__('Next steps')) ?></strong>
     <ul>
-        <li><span><?= $block->escapeHtml(__('If you think this is an error, try signing out and signing in again.'))  ?></span></li>
-        <li><span><?= $block->escapeHtml(__('Contact a system administrator or store owner to gain permissions.')) ?></span></li>
+        <li><span><?= $escaper->escapeHtml(__('If you think this is an error, try signing out and signing in again.'))  ?></span></li>
+        <li><span><?= $escaper->escapeHtml(__('Contact a system administrator or store owner to gain permissions.')) ?></span></li>
         <li>
-            <span><?= $block->escapeHtml(__('Return to ')) ?>
+            <span><?= $escaper->escapeHtml(__('Return to ')) ?>
                 <?php if (isset($_SERVER['HTTP_REFERER'])) : ?>
-                    <a href="<?= $block->escapeUrl($_SERVER['HTTP_REFERER']) ?>">
-                        <?= $block->escapeHtml(__('previous page')) ?></a><?= $block->escapeHtml(__('.')) ?>
+                    <a href="<?= $escaper->escapeUrl($_SERVER['HTTP_REFERER']) ?>">
+                        <?= $escaper->escapeHtml(__('previous page')) ?></a><?= $escaper->escapeHtml(__('.')) ?>
                 <?php else : ?>
-                    <a href="<?= $block->escapeHtmlAttr('javascript:history.back()') ?>">
-                        <?= $block->escapeHtml(__('previous page')) ?></a><?= $block->escapeHtml(__('.')) ?>
+                    <a href="<?= $escaper->escapeHtmlAttr('javascript:history.back()') ?>">
+                        <?= $escaper->escapeHtml(__('previous page')) ?></a><?= $escaper->escapeHtml(__('.')) ?>
                 <?php endif ?>
             </span>
         </li>

app/code/Magento/Backend/view/adminhtml/templates/admin/formkey.phtml

@@ -3,5 +3,9 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
+/**
+ * @var \Magento\Framework\Escaper $escaper
+ */
 ?>
-<div><input name="form_key" type="hidden" value="<?= $block->escapeHtmlAttr($block->getFormKey()) ?>" /></div>
+<div><input name="form_key" type="hidden" value="<?= $escaper->escapeHtmlAttr($block->getFormKey()) ?>" /></div>