inner finch
Since animations are handled on the client to reduce server load, we load the ModuleScript via a LocalScript.
I tested with one server and two clients. My main account acted normally, while the second acted as an exploiter.
The exploiter could access and call methods from shared ModuleScripts in ReplicatedStorage. I intentionally triggered a method to play allowed animations from the ModuleScript using exploits.
The issue is, animations played by one client replicate to the server, meaning other players and the server can see them too. This allows exploiters to trigger unwanted or random animations, even ones technically allowed.
Here are simplified script examples:
- ModuleScript
-- AnimationHandler (ReplicatedStorage)
local AnimationHandler = {}
local allowed = {
wave = "rbxassetid://128777973",
dance = "rbxassetid://35654637"
}
function AnimationHandler:PlayAnimation(player, animName)
local char = player.Character
local hum = char:FindFirstChild("Humanoid")
local animator = hum:FindFirstChildOfClass("Animator")
local id = allowed[animName]
if not id then return end
local anim = Instance.new("Animation")
anim.AnimationId = id
animator:LoadAnimation(anim):Play()
end
return AnimationHandler
- LocalScript
-- StarterCharacterScripts
local p = game:GetService("Players").LocalPlayer
local handler = require(game.ReplicatedStorage:WaitForChild("AnimationHandler"))
local input = game:GetService("UserInputService")
input.InputBegan:Connect(function(i, gp)
if gp then return end
if i.KeyCode == Enum.KeyCode.G then handler:PlayAnimation(p, "wave")
elseif i.KeyCode == Enum.KeyCode.H then handler:PlayAnimation(p, "dance") end
end)
- Exploit
-- In executor/ReplicatedFirst
while task.wait(3) do
require(game.ReplicatedStorage:WaitForChild("AnimationHandler")):PlayAnimation(player, "dance")
end
Any tips to handle animations safely through ModuleScripts? Thanks!
cedar raft
hybrid glade