EVOLUTION-MANAGER

Edit File: glue_safe.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>R: Safely interpolate strings</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" type="text/css" href="R.css" /> </head><body> <table width="100%" summary="page for glue_safe {glue}"><tr><td>glue_safe {glue}</td><td style="text-align: right;">R Documentation</td></tr></table> <h2>Safely interpolate strings</h2> <h3>Description</h3> <p><code>glue_safe()</code> and <code>glue_data_safe()</code> differ from <code>glue()</code> and <code>glue_data()</code> in that the safe versions only look up symbols from an environment use <code><a href="../../base/html/get.html">get()</a></code> they do not execute any R code. This makes them suitable when used with untrusted input, such as inputs in a shiny application, where using the normal functions would allow an attacker to execute arbitrary code. </p> <h3>Usage</h3> <pre> glue_safe(..., .envir = parent.frame()) glue_data_safe(.x, ..., .envir = parent.frame()) </pre> <h3>Arguments</h3> <table summary="R argblock"> <tr valign="top"><td><code>...</code></td> <td> <p>[<code>expressions</code>]<br /> Unnamed arguments are taken to be expressions string(s) to format. Multiple inputs are concatenated together before formatting. Named arguments are taken to be temporary variables available for substitution.</p> </td></tr> <tr valign="top"><td><code>.envir</code></td> <td> <p>[<code>environment</code>: <code>parent.frame()</code>]<br /> Environment to evaluate each expression in. Expressions are evaluated from left to right. If <code>.x</code> is an environment, the expressions are evaluated in that environment and <code>.envir</code> is ignored. If <code>NULL</code> is passed it is equivalent to <code><a href="../../base/html/environment.html">emptyenv()</a></code>.</p> </td></tr> <tr valign="top"><td><code>.x</code></td> <td> <p>[<code>listish</code>]<br /> An environment, list or data frame used to lookup values.</p> </td></tr> </table> <h3>Examples</h3> <pre> "1 + 1" &lt;- 5 # glue actually executes the code glue("{1 + 1}") # glue_safe just looks up the value glue_safe("{1 + 1}") rm("1 + 1") </pre> <hr /><div style="text-align: center;">[Package <em>glue</em> version 1.4.2 <a href="00Index.html">Index</a>]</div> </body></html>