Handling CSV Injection while exporting report as CSV file
Posted: Tue Nov 28, 2017 6:54 am
Hi everyone,
Is there any way to prevent csv injection while exporting the reports as CSV file?
Detailed Description:
For example we have got following csv output from report.
-------CSV with CSV Injection---------
Id,Name,Description
1,ABC,=5+4
-------CSV Ends----------
If we open the above csv file in excel then it interprets the last cell value (=5+4) as equation and shows 9 as cell value.
Is there any way to attach simple space char or single quote(') char as prefix while exporting the report in csv as shown below? This will fix our problem of CSV injection.
-------CSV with Fix---------
Id,Name,Description
1,ABC,'=5+4
-------CSV Ends----------
Please let me know if further information required.
Regards,
Shyam
Is there any way to prevent csv injection while exporting the reports as CSV file?
Detailed Description:
For example we have got following csv output from report.
-------CSV with CSV Injection---------
Id,Name,Description
1,ABC,=5+4
-------CSV Ends----------
If we open the above csv file in excel then it interprets the last cell value (=5+4) as equation and shows 9 as cell value.
Is there any way to attach simple space char or single quote(') char as prefix while exporting the report in csv as shown below? This will fix our problem of CSV injection.
-------CSV with Fix---------
Id,Name,Description
1,ABC,'=5+4
-------CSV Ends----------
Please let me know if further information required.
Regards,
Shyam