1

When we use the self-hosted version of Learn R or hosted version in shinyapps.io, the user can print out variables that contain the tutorial source code using the code evaluator.

For example in shinyapps hosted version, the user can run .server_context to get the source code of the current rmd:

enter image description here

(UPDATED) Example 2:

By running cat(system("cat /srv/connect/apps/ex-data-filter/ex-data-filter.Rmd", intern = TRUE), sep = '\n') can to get the source code of the current rmd too: enter image description here

But interestingly in rstudio.cloud hosted version, the code evaluator seems to be sandboxed, and all "sensitive" variables cannot be run through the evaluator.

enter image description here

Can I get some advice on how to implement such a secure code evaluator?

Thanks!

Elvin Chu
  • 150
  • 1
  • 8
  • 1
    I think you may have accidentally uploaded the same picture twice. – grrrck Jun 18 '22 at 01:11
  • 1
    Thanks for posting this! I’ve fixed the issue in the latest version of learnr available on GitHub: https://github.com/rstudio/learnr – grrrck Jun 18 '22 at 13:25
  • Hey @grrrck, thanks for the effort! But still in https://learnr-examples.shinyapps.io/ex-data-filter/#section-filter-rows-with-filter by runnng`cat(system("cat /srv/connect/apps/ex-data-filter/ex-data-filter.Rmd", intern = TRUE), sep = '\n')` can list the source code of the Rmd, is there any way to prevent this? – Elvin Chu Jun 18 '22 at 14:30
  • 1
    Would you mind taking this conversation to the learnr discussion board? https://github.com/rstudio/learnr/discussions – grrrck Jun 18 '22 at 19:54

0 Answers0