lib/phlex/csv.rb in phlex-1.11.0 vs lib/phlex/csv.rb in phlex-2.0.0.beta1
- old
+ new
@@ -1,13 +1,11 @@
# frozen_string_literal: true
class Phlex::CSV
- include Phlex::Callable
+ FORMULA_PREFIXES = Set["=", "+", "-", "@", "\t", "\r"].freeze
+ SPACE_CHARACTERS = Set[" ", "\t", "\r"].freeze
- FORMULA_PREFIXES = ["=", "+", "-", "@", "\t", "\r"].to_h { |prefix| [prefix, true] }.freeze
- SPACE_CHARACTERS = [" ", "\t", "\r"].to_h { |char| [char, true] }.freeze
-
def initialize(collection)
@collection = collection
@_headers = []
@_current_row = []
@_current_column_index = 0
@@ -82,22 +80,18 @@
@_current_row << escape(value)
@_current_column_index += 1
end
- def each_item(&block)
- collection.each(&block)
+ def each_item(&)
+ collection.each(&)
end
def yielder(record)
yield(record)
end
- def template(...)
- nil
- end
-
# Override and set to `false` to disable rendering headers.
def render_headers?
true
end
@@ -118,14 +112,14 @@
def escape(value)
value = trim_whitespace? ? value.to_s.strip : value.to_s
first_char = value[0]
last_char = value[-1]
- if escape_csv_injection? && FORMULA_PREFIXES[first_char]
+ if escape_csv_injection? && FORMULA_PREFIXES.include?(first_char)
# Prefix a single quote to prevent Excel, Google Docs, etc. from interpreting the value as a formula.
# See https://owasp.org/www-community/attacks/CSV_Injection
%("'#{value.gsub('"', '""')}")
- elsif (!trim_whitespace? && (SPACE_CHARACTERS[first_char] || SPACE_CHARACTERS[last_char])) || value.include?('"') || value.include?(",") || value.include?("\n")
+ elsif (!trim_whitespace? && (SPACE_CHARACTERS.include?(first_char) || SPACE_CHARACTERS.include?(last_char))) || value.include?('"') || value.include?(",") || value.include?("\n")
%("#{value.gsub('"', '""')}")
else
value
end
end