Merge branch 'iss3' into 'master'
Fix Formula Injection in CSV Export. Closes #3. See merge request !2
This commit is contained in:
commit
30af3deb29
1 changed files with 9 additions and 1 deletions
10
server.js
10
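--- a/server.js
+++ b/server.js
@@ -575,17 +575,25 @@ function exportBoard( format, client, data )
 } else if (format === 'csv') {
 var max = 0;
 var line = new Array();
+var patt_vuln = new RegExp("^[=+\-@]");
 for (var i = 0; i < columns.length; i++) {
 if (cols[columns[i]].length > max) {
 max = cols[columns[i]].length;
 }
-line.push('"'+columns[i].replace(/"/g,'""')+'"');
+var val = columns[i].replace(/"/g,'""');
+if (patt_vuln.test(val)) { // prevent CSV Formula Injection
+var val = "'"+val;
+}
+line.push('"'+val+'"');
 }
 text.push(line.join(','));
 for (var j = 0; j < max; j++) {
 line = new Array();
 for (var i = 0; i < columns.length; i++) {
 var val = (cols[columns[i]][j] !== undefined) ? cols[columns[i]][j]['text'].replace(/"/g,'""') : '';
+if (patt_vuln.test(val)) { // prevent CSV Formula Injection
+var val = "'"+val;
+}
 line.push('"'+val+'"');
 }
 text.push(line.join(','));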
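Review bot: The character class in the added `var patt_vuln = new RegExp("^[=+\-@]");` does not match what the comment intends: inside a JavaScript string literal `\-` is just `-`, so the pattern source becomes `^[=+-@]`, where `+-@` is a range from U+002B to U+0040 — every cell or header starting with a digit, `.`, `/`, `,`, `:`, `;`, `<`, `>` or `?` is also flagged and gets an apostrophe prefix, which silently changes numeric columns in the export. Use a regex literal so the hyphen is escaped as written, e.g. `var patt_vuln = /^[=+\-@\t\r]/;`, which also covers the leading tab and carriage return that spreadsheet applications treat as formula starts alongside `=`, `+`, `-` and `@`. The two added `var val = "'"+val;` lines (one in the header loop, one in the j-loop) redeclare a variable that is already in scope; a plain `val = "'"+val;` is enough and avoids the duplicate `var`. exportBoard starts before this hunk and continues after it, so the declarations of `cols`, `columns` and `text` are not visible here.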