Are we allowed to let players run load string?

Was just wondering because me and @brokenVectors were just having a fight with the dev console in a test place finding different ways to mutilate the map, crash the game and kill each other, if we are allowed to connect load string to the player.chatted event allowing players to fight with their knowledge of Lua?


You can, but expect a lot of complaints from server shutdowns or crashes by the scripts.

(that would be fun though)

1 Like

You would be held responsible if a malicious actor decided to insert inappropriate stuff in game. I wouldn’t risk it, unless the game/command is closed to just devs or something.


Surely this could be covered under the same TOS as building games however? if a malicious actor builds something inappropriate it is then classed as Roblox’s problem, is this not just another example of individual player abusing freedom of creativity.

1 Like

When FE was a non-required option for games, games without FE were known to be moderated when exploiters inserted inappropriate stuff. I’d assume the same applies here.


Would you reckon we could be fine if we disabled some API such as inserting meshes, decals, audios etc. in addition to filtering strings?


If you sandbox it well, you might be safe, but I’m not sure. Something like “\109\101\97\110\32\119\111\114\100” would get past filters, but still be used to display “mean word”.


In that scenario, since we would be running Roblox’s own filter API on all strings inputted id imagine that would be Roblox’s issue, we as developers are only required to filter strings being show from the client to the server.

You’re also required to vet content that appears in your game. Individual cases of inappropriate content in games is a player’s responsibility and its occurrence en masse is a developer’s. You’d still be held accountable for inappropriate content if something inappropriate appears, even if you filter the string.