From 8f4aea9ff6ba85b894973951595158d6a5efa27b Mon Sep 17 00:00:00 2001 From: Tatiana Ovchinnikova Date: Thu, 21 Mar 2024 15:43:39 -0500 Subject: [PATCH] Sanitize data for CSV generation Change-Id: I882fe376613ff1dc13a61f38b59d2a2567dbba7d --- horizon/utils/csvbase.py | 5 ++++- openstack_dashboard/dashboards/identity/projects/tests.py | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/horizon/utils/csvbase.py b/horizon/utils/csvbase.py index 4009cc44c..656be1e86 100644 --- a/horizon/utils/csvbase.py +++ b/horizon/utils/csvbase.py @@ -57,7 +57,10 @@ class CsvDataMixin(object): self.writer.writerow([self.encode(col) for col in args]) def encode(self, value): - return str(value) + data = str(value) + if data and data[0] in ('=', '+', '-', '@', chr(9), chr(13)): + return "'" + data + return data class BaseCsvResponse(CsvDataMixin, HttpResponse): diff --git a/openstack_dashboard/dashboards/identity/projects/tests.py b/openstack_dashboard/dashboards/identity/projects/tests.py index 635f98123..7f5dbff9e 100644 --- a/openstack_dashboard/dashboards/identity/projects/tests.py +++ b/openstack_dashboard/dashboards/identity/projects/tests.py @@ -1226,10 +1226,10 @@ class UsageViewTests(test.BaseAdminViewTests): hdr = ('"Instance Name","VCPUs","RAM (MB)","Disk (GB)",' '"Usage (Hours)","Age (Seconds)","State"') self.assertContains(res, '%s\r\n' % hdr) - usage_1_quoted = ('"=cmd|\' /C calc\'!A0","1","512","0","122.87",' + usage_1_quoted = ('"\'=cmd|\' /C calc\'!A0","1","512","0","122.87",' '"442321","Active"') self.assertContains(res, '%s\r\n' % usage_1_quoted) - usage_2_quoted = ('"=cmd|\' /C calc\'!A0","1","512","0","2.61",' + usage_2_quoted = ('"\'=cmd|\' /C calc\'!A0","1","512","0","2.61",' '"9367","Active"') self.assertContains(res, '%s\r\n' % usage_2_quoted) -- 2.44.0