Spreadsheet equations evaluated in generation of Monorail-exported report
Reported by anasro...@gmail.com, Oct 15 2016
Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.101 Safari/537.36 OPR/40.0.2308.62

Steps to reproduce the problem:
1. Open a new report with the name =1+1
2. Search for the new reports
3. Export them as CSV
4. Look at the name of this report it will be 2

What is the expected behavior?

What went wrong?
Can run commands on the windows CMD

Did this work before? N/A

Chrome version: 53.0.2785.101 Channel: n/a
OS Version: 10.0
Flash Version:
Oct 18 2016
Here at https://bugs.chromium.org create a new issue and name it as =1+1 and export the report as CSV and it will be 2
Oct 22 2016
If you need more info, please let me know :)
Oct 24 2016
> export the report as CSV and it will be 2

Can you please attach the CSV file in question? Are you sure that the value in the CSV is really "2" and it's not just being evaluated as "2" by the tool that you're using to load the CSV file?

Monorail issues are generally tracked here: https://bugs.chromium.org/p/monorail/issues/list although I'm not sure whether they're set up to accept security bugs if this does prove to be a valid issue.
Oct 24 2016
I've confirmed that when you follow the reproduction steps, you receive a CSV file containing the literal string "=1+1" in the title column. When that CSV file is reloaded (e.g. into Google Sheets) the value is *then* parsed into the display value of "2". This suggests that everything is working-as-intended, and the original reporter's fear that the value was being parsed by the exporter in a dangerous way is unfounded.
Oct 24 2016
Marking as WontFix based on c#5.
Oct 25 2016
Please see this report to understand what I mean :) https://hackerone.com/reports/72785
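Added example, not part of the thread and not Monorail's code: the behaviour confirmed above (the export carries the literal string `=1+1`, and a spreadsheet evaluates it on load), next to one common exporter-side mitigation, prefixing formula-leading cells with an apostrophe. The function names, the trigger list and the sample rows are constructed for illustration, and the consumer is assumed to be a spreadsheet application.

```python
import csv
import io

# Leading characters that spreadsheet applications interpret as the start of a
# formula (assumed list, following common CSV-injection guidance).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Constructed sample data standing in for an issue list export.
HEADER = ("ID", "Summary")
SAMPLE_ISSUES = [
    (1, "=1+1"),                    # the title from the reproduction steps
    (2, "Crash in renderer"),
    (3, "-webkit-foo regression"),  # benign text that still starts with a trigger
]


def neutralize_cell(value):
    """Return the cell as text that a spreadsheet will not evaluate."""
    text = "" if value is None else str(value)
    if text.startswith(FORMULA_TRIGGERS):
        # Side effect: negative numbers such as "-5" are also exported as text.
        return "'" + text
    return text


def export_issues(rows, header, harden=True):
    """Serialize rows to CSV; with harden=False cells are written verbatim."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(header)
    for row in rows:
        writer.writerow([neutralize_cell(c) if harden else c for c in row])
    return buf.getvalue()


def formula_cells(csv_text):
    """Audit helper: (row, column, value) for every cell a spreadsheet would evaluate."""
    found = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if cell.startswith(FORMULA_TRIGGERS):
                found.append((r, c, cell))
    return found
```

`formula_cells` can also be run over an existing export to see which user-controlled fields would be evaluated when the file is opened.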
Comment 1 by mmoroz@chromium.org, Oct 17 2016