The new GetJoinData page is confusing and has broken grammar


#1

https://developer.roblox.com/api-reference/function/Player/GetJoinData

The grammar in the first few paragraphs are broken and the rest of the article does not clarify precisely what potential exploiters could do to the data.

For example:

If the teleport the Player arrived in the current place due to was initiated on a server (as opposed to a client) the Player’s teleportData is included in the dictionary returned by this function.

This should be “If the Player arrived in the current place via a a Teleport that was initiated on a server (and not on a client), the teleportData supplied in the function will be included in the dictionary returned by this function.”

However, as this data is transmitted by the client, it not 100% secure. Although the user cannot modify this data it is possible for them to view it or insert data from a previous teleport.

What does this mean? Can they modify existing keys or can they add more keys but not modify existing ones? This is confusing, and the rest of the article doesn’t clarify what exactly this phrase means.


#2

The tl;dr is that clients can read a teleport’s data, store it, and when they are teleporting they can transmit portions of the previous data with the new data. For example, if your game depends on the client teleportdata incrementing by 1 every time they teleport, don’t. They could revert back to any previous teleportData they’ve had before. So, this is not secure enough to handle sensitive information like inventory slots. They could make a trade and revert their inventory back to what it was before with teleportdata if you’re reading off it.

Probably should be more clear about that.


#3

I was about to create a post about this as I was super confused when trying to figure out how to use this.

(Bump in hopes it gets fixed)