As games get more intricate and many of you rely more and more on different plugins and tools, we want to make sure that you are able to do so in a safe manner. Content security is our #1 priority as we look to scale the Developer Marketplace so all of you can be confident that assets found there will only perform actions that you are aware of.
To that end, we are excited to announce our first iteration of plugin permissions: granular HTTP permissions. Now, whenever a plugin makes a web request to a new domain, you will see a pop-up dialog asking you to approve or deny the plugin's access to that domain, or to cancel the individual request. These permissions persist across sessions and are configurable via the Plugin Management page at any time! HTTP permissions will be requested every time any plugin makes a request to a domain that it has not previously made a request to.
A few things to note:
- Accepting or rejecting the domain from the dialog will remember your preference for the given plugin and domain.
- Closing the dialog without making a decision will reject the current request without remembering your preference.
- All previously existing Studio plugins will now use the new model and ignore the game’s Allow HTTP Requests setting. That setting now applies only in-game, so if you are not making HttpService requests from your game, you can safely turn it off without losing functionality from popular plugins.
- Local plugins will bypass permissions.
- This feature asks for permission on a per-domain basis. Each sub-domain needs to be granted explicit permission.
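
The rules in the list above can be modelled as a small decision table keyed by plugin and host. This is an added illustration, not Roblox code: the class, plugin ids and hosts are hypothetical, and exact, case-insensitive host matching is an assumption drawn from the sub-domain note.

```python
from urllib.parse import urlsplit

ALLOW, DENY, DISMISS = "allow", "deny", "dismiss"


class PluginHttpPermissions:
    """Toy model of the per-plugin, per-domain decisions described above."""

    def __init__(self, prompt):
        self.prompt = prompt      # callback(plugin_id, host) -> ALLOW | DENY | DISMISS
        self.saved = {}           # (plugin_id, host) -> bool, kept across sessions
        self.prompts_shown = 0

    def request(self, plugin_id, url, local=False):
        """Return True if the request may proceed."""
        if local:                 # local plugins bypass permissions
            return True
        host = (urlsplit(url).hostname or "").lower()
        if not host:
            return False          # assumption: no host means nothing to approve
        key = (plugin_id, host)   # exact host: a sub-domain is a separate key
        if key in self.saved:
            return self.saved[key]
        self.prompts_shown += 1
        choice = self.prompt(plugin_id, host)
        if choice == DISMISS:     # rejects this one request, remembers nothing
            return False
        self.saved[key] = (choice == ALLOW)
        return self.saved[key]


def demo():
    # Constructed scenario: scripted dialog answers, hypothetical plugins and hosts.
    answers = iter([ALLOW, DISMISS, DENY, ALLOW])
    perms = PluginHttpPermissions(lambda plugin_id, host: next(answers))
    results = [
        perms.request("plugin-A", "https://example.com/v1/items"),  # prompt 1: allow
        perms.request("plugin-A", "https://example.com/v1/other"),  # remembered allow
        perms.request("plugin-A", "https://api.example.com/data"),  # prompt 2: dismissed
        perms.request("plugin-A", "https://api.example.com/data"),  # prompt 3: deny
        perms.request("plugin-A", "https://api.example.com/data"),  # remembered deny
        perms.request("plugin-B", "https://example.com/v1/items"),  # prompt 4: allow
        perms.request("local-dev", "https://unlisted.example.net/", local=True),
    ]
    return results, perms.prompts_shown
```

In this model, approving `example.com` for one plugin covers neither `api.example.com` nor a second plugin, which is why each of those triggers its own dialog.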
This is just the tip of the iceberg for content security. Our team is working hard on the next set of permissions to help mitigate some of the major weaknesses reported by all of you, including unauthorized game teleports and script injections.