I was wondering if I should be worried about an exploiter changing the callback from a RemoteFunction locally in a way? Mostly because what if they cause an infinite yield in my code or something.
I haven’t seen much people use RemoteFunctions to get client data for some reason, only the other way around.
You could possibly incorporate something into your code in-which the server detects if it’s been yielding for x amount of seconds and just skip the request and/or throw an error so it doesn’t hang forever. The only reason to be worried about what an exploiter could return depends on what you’re trying to get from the client.
You can always just use coroutines or spawn() to prevent it from yielding/stopping the entire script, just make sure you assign the return value to a variable that’s outside of the coroutine. Anything that you need to do with the return value should be placed within the same coroutine.
Not sure if this will solve enough problems to make :InvokeClient() feasible.
local result --put it outside of the coroutine so the rest of the script can access it
coroutine.resume(coroutine.create(function()
result = RemoteFunction:InvokeClient(player)
print(result)
end))
or
local result
spawn(function()
result = RemoteFunction:InvokeClient(player)
print(result)
end)
There is a forum I remember commenting on discussing the use of InvokeClient. The simple answer is to try and refrain from using it.
Here’s what we discussed:
And a good video to watch by the one and only Sleitnick:
