fix: CSV Injection in Application Chat Export

Author: shaohuzhang1

apps/application/serializers/application_chat.py

@@ -193,6 +193,8 @@ def to_row(row: Dict):
     def reset_value(value):
         if isinstance(value, str):
             value = re.sub(ILLEGAL_CHARACTERS_RE, '', value)
+            if value.startswith(('=', '+', '-', '@')):
+                value = "'" + value
         if isinstance(value, datetime.datetime):
             eastern = pytz.timezone(TIME_ZONE)
             c = datetime.timezone(eastern._utcoffset)