[StimulusBundle] Add html escaping strategy by default, more optimi…

…zations by replacing functions calls/arrays creation by foreach

src/StimulusBundle/src/Dto/StimulusAttributes.php

@@ -110,37 +110,30 @@ public function __toString(): string
         $attributes = [];
 
         if ($this->controllers) {
-            $attributes[] = 'data-controller="'.$this->escape(implode(' ', $this->controllers), 'html').'"';
+            $attributes[] = 'data-controller="'.$this->escape(implode(' ', $this->controllers)).'"';
         }
 
         if ($this->actions) {
-            // done separately so we can escape, but avoid escaping ->
-            $actions = array_map(function (array $actionData): string {
-                $controllerName = $actionData['controllerName'];
-                $actionName = $actionData['actionName'];
-                $eventName = $actionData['eventName'];
-
-                $action = $this->escape($controllerName.'#'.$actionName, 'html');
+            $actions = [];
+            foreach ($this->actions as ['controllerName' => $controllerName, 'actionName' => $actionName, 'eventName' => $eventName]) {
+                $action = $this->escape($controllerName.'#'.$actionName);
                 if (null !== $eventName) {
-                    $action = $this->escape($eventName, 'html').'->'.$action;
+                    // done separately so we can escape, but avoid escaping ->
+                    $action = $this->escape($eventName).'->'.$action;
                 }
 
-                return $action;
-            }, $this->actions);
+                $actions[] = $action;
+            }
 
             $attributes[] = 'data-action="'.implode(' ', $actions).'"';
         }
-
-        if ($this->targets) {
-            $attributes[] = implode(' ', array_map(function (string $key, string $value): string {
-                return $this->escape($key, 'html_attr').'="'.$this->escape($value, 'html').'"';
-            }, array_keys($this->targets), $this->targets));
+
+        foreach ($this->targets as $k => $v) {
+            $attributes[] = $this->escape($k, 'html_attr').'="'.$this->escape($v).'"';
         }
 
-        if ($this->attributes) {
-            $attributes[] = implode(' ', array_map(function (string $attribute, string $value): string {
-                return $this->escape($attribute, 'html_attr').'="'.$this->escape($value, 'html').'"';
-            }, array_keys($this->attributes), $this->attributes));
+        foreach ($this->attributes as $k => $v) {
+            $attributes[] = $this->escape($k, 'html_attr').'="'.$this->escape($v).'"';
         }
 
         return implode(' ', $attributes);
@@ -182,7 +175,7 @@ public function toEscapedArray(): array
     {
         $escaped = [];
         foreach ($this->toArray() as $key => $value) {
-            $escaped[$key] = $this->escape($value, 'html');
+            $escaped[$key] = $this->escape($value);
         }
 
         return $escaped;
@@ -201,7 +194,7 @@ private function getFormattedValue(mixed $value): string
         return (string) $value;
     }
 
-    private function escape(mixed $value, string $strategy): string
+    private function escape(mixed $value, string $strategy = 'html'): string
     {
         if (class_exists(EscaperRuntime::class)) {
             return $this->env->getRuntime(EscaperRuntime::class)->escape($value, $strategy);