Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Multiplayer API now respects allow_object_decoding #27398
Note that var decoding is still allowed for
I'm also making a separate branch to fix in
Fixes #27395 .
I'm also wondering, if we should change the defaults for
referenced this pull request
Mar 25, 2019
That sounds good to me.
I agree, it's better that the defaults are safe. We can't expect people to read the documentation to ensure that their use of these APIs is safe, so it's better that they have to read them to find out how to use the unsafe behaviour when needed :)
It's a slight compat breakage but that's justified for security purposes IMO.