As a Roblox developer, it is currently too hard to make http requests or execute code in a plugin. There are many cases where either HttpService or loadstring aren’t available, forcing plugin developers to use hacky methods to simulate loadstring or stop making http requests.
HttpService Availability
| Datamodel | HttpEnabled Required | Availability |
|---|---|---|
| Edit Mode | Yes | Yes |
| Server | Yes | Yes |
| Client | - | No |
| It’s impossible to make requests without HttpEnabled, and you can’t make any requests in the client under any circumstances. |
Since individual http permissions for plugins are already a thing, I see no downside to implementing this.
Loadstring Availability
| Datamodel | LoadStringEnabled Required | Availability |
|---|---|---|
| Edit Mode | No | Yes |
| Server | Yes | Yes |
| Client | - | No |
| Loadstring has it a bit easier, since it can be used in edit mode without LoadStringEnabled, but the server still has the same problems and loadstring is disabled in the client, forcing plugin developers to use workarounds like creating a new module and editing its source. |
Some might say that “always having loadstring permissions is too dangerous”, but this is already the case, just with edit mode (where most of the damage to the game can be made), so it’s an invalid argument.
If Roblox is able to address this issue, it would improve my development experience because plugin developers would no longer need to use hacky and impractical methods to simulate loadstring or use plugin settings to cache http results. This would be especially useful for plugins like command bars that need to execute user-provided code or plugins like Reclass or gitblox, which rely on requests to be able to work.