Uploaded image for project: 'data.csv'
  1. DCSV-18

Support CSV Injection Escape Mechanisms

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Labels:
      None

      Description

      CSVs generated using clojure.csv is succeptible to injection attacks. It'd be a nice enhancement to have an option to apply this transformation on behalf of users.

      For example:

      (with-open [writer (io/writer "out-file.csv")]
      (csv/write-csv writer
      [["abc" "def"]
      ["ghi" "=jkl"]]))

      See https://www.owasp.org/index.php/CSV_Injection

        Attachments

          Activity

            People

            • Assignee:
              jonase Jonas Enlund
              Reporter:
              rymndhng RH
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated: