TIBCOSoftware / jasperreports

JasperReports® - Free Java Reporting Library
https://community.jaspersoft.com/downloads/community-edition/
GNU Lesser General Public License v3.0

Support configurable formula escaping character for csv export? #481

Closed alexyang2920 closed 1 month ago

alexyang2920 commented 2 months ago

Currently, JasperReports uses a space character to escape formulas in CSV files to prevent CSV injection. You can see the implementation details here. It would be beneficial if JasperReports allowed users to configure the escape character.

shertage commented 2 months ago

Hi @alexyang2920, could you please let us know more details (some use cases maybe) about the necessity of a configurable escape character?

Thank you, Sanda

alexyang2920 commented 2 months ago

Originally we were thinking about whether we could prepend a single quote, which could be hidden in Excel; however, it looks like the single quote still shows unless you double-click the Excel cell. However, it'd still be good to make it configurable in case someone wants to use a single quote or other characters.

teodord commented 1 month ago

I'm sorry, but I still don't understand what the issue is. We are using a space character for escaping formulas. What is wrong with using a space and why would you need to use something else? You explained what you were trying, but did not explain why you tried it. Or at least I did not get it.

Thank you, Teodor

alexyang2920 commented 1 month ago

Hi, I think it's not a big deal. I knew an empty space works very well for escaping the formula injection; I was thinking about prepending a single quote for each potential formula cell, such that the cell shows the original text when opening the CSV file in Excel. (FYI: the leading single quote will be hidden in Excel; for example, a cell text '=abc will be displayed as =abc in Excel, although the text is still '=abc in the CSV file.)

teodord commented 1 month ago

Alex, the more you explain what you are trying to do, the more you make me curious about what the problem is. Please, can you tell me what the problem with space is? What exactly is not right? You keep saying what you want to do, but never tell what is wrong with what you are seeing when space is used. What exactly is not working the way you think it should?

I really want to know now.

Thank you, Teodor

alexyang2920 commented 1 month ago

Excel has a feature: when a text starts with a single quote, it will hide the single quote and show the remaining text. Originally I wanted to show the original value displayed in Excel, and didn't want to see the additional space shown in Excel. Does it make sense?

alexyang2920 commented 1 month ago

BTW we finally chose a single empty space, because using either one, we need to explain to users why we have that additional letter in that CSV report file. We were considering users' experience for reading the CSV files in Excel, but tbh, an empty space is easier to handle if users want to integrate the CSV file on their system.

teodord commented 1 month ago

OK, I think I understand now that you did not want to see the space in the cell and counted on this Excel feature that does not show the single quote char. While this single quote char feature seems nice, it does not work in LibreOffice/OpenOffice. Maybe yet another reason to abandon this approach as it does not seem to be a standard thing.

Thank you for your patience explaining it to me.

I'm closing it for now, but we are open to other suggestions and proposals in the future.

Thank you, Teodor
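
The configurable escape character requested in this thread, sketched as an added example; it is not JasperReports code and does not reflect how its CSV exporter is implemented. The class and method names are hypothetical, and the set of formula-trigger characters is an assumption based on common CSV-injection guidance.

```java
import java.util.List;

public class CsvFormulaEscape {
    // Assumed trigger set: leading characters a spreadsheet may interpret as a formula.
    private static final String TRIGGERS = "=+-@\t\r";

    /**
     * Prefixes a potential formula cell with escapeChar, then applies normal CSV quoting.
     * Caveat: values such as "-5" are prefixed too, so apply this to text cells only.
     */
    static String escapeCell(String value, char escapeChar, char delimiter) {
        if (value == null || value.isEmpty()) {
            return "";
        }
        String out = value;
        if (TRIGGERS.indexOf(out.charAt(0)) >= 0) {
            out = escapeChar + out; // neutralize before quoting, so the prefix is inside the quotes
        }
        boolean needsQuotes = out.indexOf(delimiter) >= 0 || out.indexOf('"') >= 0
                || out.indexOf('\n') >= 0 || out.indexOf('\r') >= 0;
        if (needsQuotes) {
            out = '"' + out.replace("\"", "\"\"") + '"';
        }
        return out;
    }

    /** Joins one row of cells into a comma-delimited CSV line. */
    static String toLine(List<String> cells, char escapeChar) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < cells.size(); i++) {
            if (i > 0) {
                sb.append(',');
            }
            sb.append(escapeCell(cells.get(i), escapeChar, ','));
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample row: plain text, a formula-like value,
        // and a formula-like value that also needs CSV quoting.
        List<String> row = List.of("Alice", "=abc", "+1 \"x\", y");
        System.out.println(toLine(row, ' '));  // space prefix, the behaviour described in the thread
        System.out.println(toLine(row, '\'')); // single-quote prefix, the alternative raised
    }
}
```

Whichever prefix is chosen, it becomes part of the stored cell value, so downstream consumers that parse the CSV must strip or tolerate it.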