Class: StreamyCsv::InjectionSanitizer
- Inherits:
-
Object
- Object
- StreamyCsv::InjectionSanitizer
- Defined in:
- lib/streamy_csv/injection_sanitizer.rb
Constant Summary collapse
- PREFIXES_TO_ESCAPE =
%w(= @ + - |)
- ESCAPE_CHAR =
"'"
Class Method Summary collapse
Class Method Details
.sanitize_csv_row(row) ⇒ Object
6 7 8 9 10 11 12 13 14 15 16 |
# File 'lib/streamy_csv/injection_sanitizer.rb', line 6 def self.sanitize_csv_row(row) if row.is_a?(CSV::Row) sanitized_row = row.dup row.each do |title, value| if value.to_s.start_with?(*PREFIXES_TO_ESCAPE) sanitized_row[title] = "#{ESCAPE_CHAR}#{value}" end end end row end |