As more content gets added to our developer marketplace that you rely on, we want to ensure that all of you can be confident and safe with any asset you choose to use. As such, we are continuing to improve our suite of content security tools to ensure that all developers have complete awareness and control of 3rd party actions to games. Today we are excited to announce two new security settings directly targeted at known player experience attack vectors: third party purchase prompt controls and third party teleport controls.
In the Game Settings Dialog in Studio, you can find these two new security settings under the Security tab.
- Allow Third Party Sales: This setting is intended to control unintentional purchase prompts created by models or plugins that may disrupt gameplay. With this setting disabled, any purchase prompt for an asset that has been published by a user or group that is NOT the publisher of the current game will silently fail. However, any asset published under the ROBLOX account will be permitted. With this setting enabled, any purchase prompt will work as intended.
- Allow Third Party Teleports: This setting is intended to control unintentional cross game teleportations initiated by models or plugins that may disrupt gameplay. With this setting disabled, any cross game teleportation to a game that is published by a user or group that is NOT the publisher of the current game will silently fail. With this setting enabled, any cross game teleportation will work as intended.
- When these settings are disabled, any attempt to purchase 3rd party assets or teleport to 3rd party places will be blocked without intrusive notifications to your players.
- Both of these permissions are game-wide settings that will be applied to all places in that game.
- Changes to these settings will take effect when new game servers are initialized
- 3rd party purchase prompts that fail will be reported in the Output window in Studio and in the Developer Console. 3rd party teleportations that fail will be reported in just the Developer Console.
- Any game with a universeID less than 1877172798 will have these settings automatically enabled in order to ensure no game play breakage. If your game does not require these settings, please navigate to the Game Settings Dialog and disable them accordingly.
- Any game with a universeID greater than 1877172798 will have these settings automatically disabled to ensure maximum security.
- Currently, there exists a Workspace Property for every game dubbed AllowThirdPartySales. Unfortunately, the functionality behind this setting had bugs and was never fully enabled. As such, we will be deprecating this setting in favor of a game-wide permission as outlined above in this post. Therefore, any use of this setting will not be applied.
We hope these security features encourage all of you to continue to use assets from the Marketplace. And there are more to come in the future! Huge thank you to the team that made it happen: @Mr_Purrsalot, @iriszh, @portenio, @KurtisC_Roblox, @St4rst0n3, @April_Sheep, @ApplePineCake and @Seranok!