Before the introduction of FilteringEnabled many updates were mad in order to combat exploiting. These updates include the disabling of loadstring and InsertService having a tighter set of restrictions. At the time these were the right decision to be made and were very successful. However. Since the introduction of FilteringEnabled these are no longer a security concern for the server unless the place owner makes it possible themselves.
What I’d like to see is both the before mentioned features, InsertService and loadstring, returned to the original operation intentions. InsertService should be able to load any public domain model, and any model that the creator owns or has been created by ROBLOX or themselves. loadstring shouldn’t need to be disabled and the property LoadstringEnabled should be deprecated. Neither are security concerns for ROBLOX games anymore, and it would be great to have them back in action.
loadstring would still have to be disabled for clients because the client doesn’t have a Lua parser any more (adding it back is a security risk to non-FE games).
[quote] loadstring would still have to be disabled for clients because the client doesn’t have a Lua parser any more (adding it back is a security risk to non-FE games). [/quote]I’m on about server-only for all features. Also, in my opinion you open yourself up to exploiters by having filtering, disabled.
You can already do that by toggling LoadstringEnabled in ServerScriptService.[/quote]I am not on about loadstring on it’s own, this also relates to InsertService, not to mention when LoadstringEnabled is toggled, certain features become unavailable such as points.