Is it possible to set some properties or data filters to prevent CSV injection? I am exporting data from JSON collection to report in CSV format. Penetration test found out that there can be a problem with CSV injection. Someone can add "=cmd|' /C notepad'!'A1'" to exported field and this will cause that excel can open notepad or other scripts. Is it possible to automatically escape some special characters in fields? I tried csvExporterConfiguration.setForceFieldEnclosure(true);[/code]But with no effect. I need to escape +, -, =, @, | characters. Can I do it somehow in jasper reports or I should do this data modification before exporting report? Regards Karel
