Resolve export to Excel and CSV vulnerability manually

Search

Resolve export to Excel and CSV vulnerability manually

In order to resolve the vulnerability of export to Excel and CSV manually, you need to follow the steps below:

1. Import the procedure WWP_DownloadReport from the following link

2. Set the BaseLocation property of WorkWithPlus Settings > Actions > Export and ExportCSV.

If you are generating Java, you have to set: WEB-INF/

If you are generating .Net or .Net Framework, you have to set: PrivateTempStorage/

3. Create a Global Event Block with the following properties:

The property 'Code' of the Event Block has the following value:

    &Session.Set(!'WWPExportFilePath', &Filename)
    &Session.Set(!'WWPExportFileName', !"<OBJ_NAME>Export.xlsx")
    &Filename = WWP_DownloadReport.Link()

4. Apply all WorkWithPlus instances

This can be done when saving the Event Block, that WorkWithPlus asks you whether you want to do or not:

5. If you are generating .Net or .Net Framework, make sure that the folder PrivateTempStorage inside <WebApp> folder exists.

Page Id