only escape str with len>1

datavisyn · Nov 5, 2023 · 39b1291 · 39b1291
1 parent 5d2ab42
commit 39b1291
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/visyn_core/xlsx.py b/visyn_core/xlsx.py
@@ -105,8 +105,8 @@ def _json2xlsx():
     bold = Font(bold=True)
 
     def _escape(v):
-        if isinstance(v, str) and v and v[0] in ["+", "-", "@", "="]:
-            _log.warning("CSV injection detected: %s", v)
+        if isinstance(v, str) and v and v[0] in ["+", "-", "@", "="] and len(v) > 1:
+            _log.warning("Escaping possible CSV injection: %s", v)
             return f"'{v}"
         return v