Stimulsoft Business Intelligence System | Forum

Hi everyone,

Is there any way to prevent csv injection while exporting the reports as CSV file?

Detailed Description:

For example we have got following csv output from report.

-------CSV with CSV Injection---------
Id,Name,Description
1,ABC,=5+4
-------CSV Ends----------

If we open the above csv file in excel then it interprets the last cell value (=5+4) as equation and shows 9 as cell value.
Is there any way to attach simple space char or single quote(') char as prefix while exporting the report in csv as shown below? This will fix our problem of CSV injection.

-------CSV with Fix---------
Id,Name,Description
1,ABC,'=5+4
-------CSV Ends----------

Please let me know if further information required.

Regards,
Shyam

Hello.

Why don't you just add a single quote(') before your expression? Something like this Thank you.

Thanks for your comments Alfa.

Actually we have to do the change at lot of places as we have some 100s of columns which needed to fixed. This change will also reflect in viewer as well as other export file formats.
Another issue is human error for future enhancements. Developer may miss this fix if new columns are added during improvements.

If we can get some configuration in stimulsoft library then it would be easy and full-proof fix.

Hello.

You could handle the Exported event and try to do necessary changes there.
If you need this feature, please, write a request to support@stimulsoft.com.

Thank you.