Server scripts vs Assignment (run on sandbox)


#1

I’m working on a script that rezzes and flashlight entity if it finds that there are no other entities within range. From what I can tell it could be run as sever or assignment, server may be easier in t hat I can work on it directly in the client, is there any difference performance or permissions?


#2

No difference in permissions…
Server entity scripts essentially are entity scripts run by an assignment client.

It is actually very exploitable and I have made a fogbugs ticket to try to get it fixed from High Fidelity’s end and had a small solution:

Unfortunately: Even though they added a whitelist filter, it is not enabled by default, so the only other guard against it is simply to not allow anything to be added or edited in a domain.

Basically saying it out now in Public just to get it fixed properlyr because I am tired of waiting, and people should know to set their whitelists…


#3

Ok so we need to whitelist entities that run server scripts? (or else ye be foxbombed…)

… is this it?

Entity Scripts Allowed from:
Comma separated list of URLs (with optional paths) that entity scripts are allowed from. If someone attempts to create and entity or edit an entity to have a different domain, it will be rejected. If left blank, any domain is allowed.

Filter Entity Edits
Check all entity edits against this filter function.


#4

Yup.
-padding for max character length limit-