Unplanned
Last Updated: 14 Jun 2022 13:50 by Brian
Brian
Created on: 14 Jun 2022 13:50
Category: ExcelExport
Type: Feature Request
1
Prevent formula injection in Excel file

Similar to the following feature request logged in Kendo UI for jQuery - Add ability to sanitize exported data in Excel spreadsheet to prevent formula-injection

So far cell values starting with '=', are executable in the Excel file:

https://stackblitz.com/edit/angular-v3pp4n-vspiss

There is a way to prevent that by manually customizing the generated workbook and adding a single quote prefix to the cell value.

cell.value = "'=Executable-Formula";

However, this will change the initial value of the cell.

Provide a way to prevent the formula injection and persist the value in the cell.

0 comments