class Phlex::CSV

def escape(value)

def escape(value)
	value = trim_whitespace? ? value.to_s.strip : value.to_s
	first_char = value[0]
	last_char = value[-1]
	if escape_csv_injection? && FORMULA_PREFIXES[first_char]
		# Prefix a single quote to prevent Excel, Google Docs, etc. from interpreting the value as a formula.
		# See https://owasp.org/www-community/attacks/CSV_Injection
		%("'#{value.gsub('"', '""')}")
	elsif (!trim_whitespace? && (SPACE_CHARACTERS[first_char] || SPACE_CHARACTERS[last_char])) || value.include?('"') || value.include?(",") || value.include?("\n")
		%("#{value.gsub('"', '""')}")
	else
		value
	end
end

Included Modules

Phlex::Callable

Instance Methods

# call
# column
# content_type
# each_item
# escape
# escape_csv_injection?
# filename
# helpers
# initialize
# render_headers?
# template
# trim_whitespace?
# yielder