Closed pietrop closed 3 years ago
Is your Pull Request request related to another issue in this repository ?
Issue with escaping char in CSV output to prevent CSV injection.
https://owasp.org/www-community/attacks/CSV_Injection
Describe what the PR does
adds a ' at the beginning of every text line of the CSV to escape potential CSV injection.
'
State whether the PR is ready for review or whether it needs extra work
Ready to review Additional context
NA
Example output, notice the ' and how it "escapes" the CSV injection command =cmd|' /C calc'!'A1' that could be added at the beginning of a line.
=cmd|' /C calc'!'A1'
PS: There's an issue with the tests (jest) across the repo, that needs to be addressed as separate issue/PR
jest
Is your Pull Request request related to another issue in this repository ?
Issue with escaping char in CSV output to prevent CSV injection.
https://owasp.org/www-community/attacks/CSV_Injection
Describe what the PR does
adds a
'
at the beginning of every text line of the CSV to escape potential CSV injection.State whether the PR is ready for review or whether it needs extra work
Ready to review Additional context
NA
Example output, notice the
'
and how it "escapes" the CSV injection command=cmd|' /C calc'!'A1'
that could be added at the beginning of a line.