rusackas commented on code in PR #40645:
URL: https://github.com/apache/superset/pull/40645#discussion_r3338081088
##########
tests/unit_tests/utils/csv_tests.py:
##########
@@ -63,6 +63,13 @@ def test_escape_value():
result = csv.escape_value(" =10+2")
assert result == "' =10+2"
+ # A leading tab or carriage return is also treated as a dangerous prefix.
+ result = csv.escape_value("\t=10+2")
+ assert result == "'\t=10+2"
+
+ result = csv.escape_value("\r=10+2")
+ assert result == "'\r=10+2"
Review Comment:
Good catch — those tests covered behavior that was already handled by the
pre-existing `\s{1,}(?=[...])` alternative. Updated the tests to use `"\t10"`
and `"\rfoo"` instead, which specifically exercise the new `^[...\t\r]` branch
(tab/CR with no following dangerous char) added in this PR.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
