Welcome! Please see the About page for a little more info on how this works.

0 votes
in data.csv by

CSVs generated using clojure.csv is succeptible to injection attacks. It'd be a nice enhancement to have an option to apply this transformation on behalf of users.

For example:

(with-open (link: writer (io/writer "out-file.csv"))
(csv/write-csv writer

             (link: ["abc" "def")
              (link: "ghi" "=jkl")]))

See https://www.owasp.org/index.php/CSV_Injection

1 Answer

0 votes
Reference: https://clojure.atlassian.net/browse/DCSV-18 (reported by rymndhng)