Bunlong / react-papaparse

react-papaparse is the fastest in-browser CSV (or delimited text) parser for React. It is full of useful features such as CSVReader, CSVDownloader, readString, jsonToCSV, readRemoteFile, etc.
https://react-papaparse.js.org
MIT License
363 stars, 60 forks

How to handle CSV Injection with jsonToCSV? #164

Closed akshay-8d66 closed 6 months ago

akshay-8d66 commented 6 months ago

https://owasp.org/www-community/attacks/CSV_Injection

Is there a way to handle CSV injection attacks when using jsonToCSV by escaping it this way:

one
akshay-8d66 commented 6 months ago

Never mind, found it via papaparse's docs.

jsonToCSV(data, { escapeFormulae: true })
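
The kind of neutralisation the OWASP page linked above describes, as an added stand-alone example (not code from this thread, react-papaparse or PapaParse): string cells that start with a formula trigger character get a leading single quote before normal CSV quoting. The names `neutralizeCell`, `quoteCell`, `toSafeCsv` and the sample rows are hypothetical, and escaping only strings (so negative numbers stay numeric) is a choice made for this example.

```javascript
// Added example: formula neutralisation for CSV export, independent of any library.

// Leading characters that make a spreadsheet evaluate a cell as a formula.
const FORMULA_TRIGGERS = /^[=+\-@\t\r]/;

// Prefix risky string cells with a single quote so they render as literal text.
function neutralizeCell(value) {
  if (value === null || value === undefined) return '';
  if (typeof value !== 'string') return String(value); // numbers such as -5 stay numeric
  return FORMULA_TRIGGERS.test(value) ? "'" + value : value;
}

// RFC 4180 quoting: wrap in double quotes when the cell holds a delimiter,
// quote or line break, and double any embedded quotes.
function quoteCell(text) {
  return /[",\r\n]/.test(text) ? '"' + text.replace(/"/g, '""') + '"' : text;
}

// Serialise an array of objects; headers are neutralised too, since column
// names can also come from untrusted input.
function toSafeCsv(rows, columns) {
  const lines = [columns.map((c) => quoteCell(neutralizeCell(c))).join(',')];
  for (const row of rows) {
    lines.push(columns.map((c) => quoteCell(neutralizeCell(row[c]))).join(','));
  }
  return lines.join('\r\n');
}

// Constructed sample data: user-supplied fields that begin with trigger characters.
const sampleRows = [
  { name: 'Alice', note: 'regular text', balance: 10 },
  { name: '=1+1', note: '-5, refund', balance: -5 },
  { name: '@handle', note: 'say "hi"', balance: 0 },
];

console.log(toSafeCsv(sampleRows, ['name', 'note', 'balance']));
```

Neutralisation has to run before quoting: a cell that is both risky and contains a comma ends up as `"'-5, refund"`, with the single quote inside the double quotes.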