I've been struggling to force the read_xml function (xml2 package) to treat my character input as a literal string. Apparently, if the input doesn't look like XML enough, it will try to open it as an url, and also as a local file name. This freaks me out, even if it isn't an obvious security bug (but I can definitely see situations where it is). So, in short, how do I force the function to interpret my input as literal xml text, and disable the possibility of url/filename lookup?
I would prefer not to use the XML package, as it's apparently orphaned.