The only “good” side of GetObjects is that it allows me to lessen the work on my patner for making his animations R15 compatible - but besides that, if sharing animations was easier, it’d be great to have this area of insecure API removed.
I mentioned this to Seranok ages ago (like months) and he said that it (and presumable ::GetObjects) were removed. That’s clearly not a thing that’s happened, but that might be why you were under that impression.
I don’t think that one applies? iirc, GetObjects with rbxassetid:// is the same as GetObjects with /asset/?id=, which’ll just download the file the same way as if done by going to that address in the browser. Thus you can insert every free model, or private models you have access to.
Apart from that, I thought loadstring() didn’t work clientside anymore, that it even got removed, no? Might this code be executed inside one of those “lvl7 environments”, that also have getrawmetatable(), saveinstance(), … ?
EDIT: Did a quick test online: game.GetObjects is indeed removed. Either that code is very old, or it’s for one of those exploit environments.
GetObjects has been re-implemented by some exploits. It isn’t in the normal client anymore. It might appear in the API though as it does exist in studio, server, and for internal unit tests.
That said, it can only do what the exploit could already do. Basically, the exploit has a convenience command that has the familiar name “GetObjects” to allow existing exploit localscripts to work more easily.