From ea17f9ad1c6ed622f2ac6e832dd366b5f43b913a Mon Sep 17 00:00:00 2001
From: Dave Macaulay <macaulay@adobe.com>
Date: Mon, 29 Apr 2019 14:42:40 +0200
Subject: [PATCH] MAGETWO-99387: Prohibit usage of native htmlspecialchars()

---
 Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php   | 1 +
 Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc | 2 ++
 Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php | 1 +
 3 files changed, 4 insertions(+)

diff --git a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php
index 56bfa9d3..75a87654 100644
--- a/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php
+++ b/Magento2/Sniffs/Functions/DiscouragedFunctionSniff.php
@@ -218,5 +218,6 @@ class DiscouragedFunctionSniff extends ForbiddenFunctionsSniff
         '^is_null$' => 'strict comparison "=== null"',
         '^intval$' => '(int) construction',
         '^strval$' => '(string) construction',
+        '^htmlspecialchars$' => '\Magento\Framework\Escaper->escapeHtml',
     ];
 }
diff --git a/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc b/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc
index a311427a..5abf6dd5 100644
--- a/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc
+++ b/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.inc
@@ -462,3 +462,5 @@ $int = intval($int);
 $str = chop($text, 'ttt');
 
 md5($text);
+
+htmlspecialchars('text');
diff --git a/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php b/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php
index dbb1f9b8..30285182 100644
--- a/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php
+++ b/Magento2/Tests/Functions/DiscouragedFunctionUnitTest.php
@@ -249,6 +249,7 @@ public function getWarningList()
             458 => 1,
             460 => 1,
             462 => 1,
+            466 => 1
         ];
     }
 }