Unfiltered support form?

If i were to create a form for support, that sends a message to a private webhook, am i required to filter the input?

1 Like

I am not sure about this, but I think the output is more important than the input. So if you output the sent request to the user, too, you may have to filter it. But if you don’t and also don’t store it on Roblox servers, you may not need to. I would do it in a way that you only return the support ID and maybe a custom title. For example, user reports “Problem with your [bad word] game!11eeeee” and your game responds: “Thank you for your request. Please note the support ID 123 for future answers of us”. But you of course have to filter on your end for e.g. vulnerabilities etc. Also don’t forget that depending on how you use the text, Roblox’s own filters will take place and help with that. But I don’t know much about it yet.