| author | Gabriel Morcote <[email protected]> | 2019-12-20 15:01:35 -0600 |
|---|---|---|
| committer | Stefan Daschek <[email protected]> | 2019-12-20 22:01:35 +0100 |
| commit | 0a223011a26949ddc00eba882005daee7afeb6a6 | |
| tree | a5ffc3459f43e0efef8326dbd1738cac5c5dbc0f /docs | |
| parent | 99d3d2fbe5b07aa005b475b8cdc4e6238c3d5e28 | |

Add option to protect against formula injection attacks (#34)

Caxlsx used to treat cell values beginning with an equal sign as formulas by default.
This can be dangerous if the input data is user generated or coming from other untrusted sources (see https://www.owasp.org/index.php/CSV_Injection for details).

This commit adds a new option `escape_formulas` that can be used with `#add_row` and on instances of `Cell`. If set to true, cell values beginning with an equal sign are treated as normal strings (and will be displayed literally by Excel and co.).

Diffstat (limited to 'docs')
0 files changed, 0 insertions, 0 deletions
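
The behaviour described in the commit message, modelled as an added example (this is not caxlsx's code): it shows how the same untrusted value ends up either as a formula cell or as a literal string in the sheet XML. The method names `formula?`, `cell_xml`, `row_xml`, `formula_refs` and `col_name` are hypothetical, the XML is a simplified form of SpreadsheetML cells, and the sample row is constructed.

```ruby
require "cgi"

# Illustrative model only (assumption, not the library's implementation).
# A string starting with "=" is a formula unless escape_formulas is set.
def formula?(value, escape_formulas:)
  return false if escape_formulas
  value.is_a?(String) && value.start_with?("=")
end

# Zero-based column index to spreadsheet column letters (0 => "A", 26 => "AA").
def col_name(index)
  name = ""
  n = index
  loop do
    name = (65 + n % 26).chr + name
    n = n / 26 - 1
    break if n < 0
  end
  name
end

def cell_xml(ref, value, escape_formulas: false)
  if formula?(value, escape_formulas: escape_formulas)
    # Formula cell: the spreadsheet application evaluates the content of <f>.
    %(<c r="#{ref}"><f>#{CGI.escapeHTML(value[1..-1])}</f></c>)
  elsif value.is_a?(Numeric)
    %(<c r="#{ref}" t="n"><v>#{value}</v></c>)
  else
    # Inline string: shown literally, including any leading "=".
    %(<c r="#{ref}" t="inlineStr"><is><t>#{CGI.escapeHTML(value.to_s)}</t></is></c>)
  end
end

def row_xml(index, values, escape_formulas: false)
  cells = values.each_with_index.map do |v, col|
    cell_xml("#{col_name(col)}#{index}", v, escape_formulas: escape_formulas)
  end
  %(<row r="#{index}">#{cells.join}</row>)
end

# Audit helper: which cells of a row would be written as formulas by default.
def formula_refs(index, values)
  values.each_with_index.select { |v, _| formula?(v, escape_formulas: false) }
        .map { |_, col| "#{col_name(col)}#{index}" }
end

SAMPLE_ROW = ["Alice", 42, "=1+1"].freeze # constructed input
```

Running `formula_refs` over rows built from untrusted input before export is a quick way to find which cells the default would hand to the formula evaluator.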
