refs #18760 - only build CSV URL from permitted params
Prevents malicious data being injected into the URL options (e.g. host) and prevents a security exception rendering URLs with non-sanitised params under Rails 5.0.
Related issues
Feature #18760: Create method for exporting tables from the UI as CSV
Added by Dominic Cleal about 7 years ago
refs #18760 - only build CSV URL from permitted params
Prevents malicious data being injected into the URL options (e.g. host)
and prevents a security exception rendering URLs with non-sanitised
params under Rails 5.0.