From 53ab3a1ba92237a15ce74b7b35ce78c1defbfa47 Mon Sep 17 00:00:00 2001
From: Fabio Alessandrelli <fabio.alessandrelli@gmail.com>
Date: Thu, 28 Mar 2019 09:52:31 +0100
Subject: Multiplayer API now respects allow_object_decoding

Add doc about allow_object_decoding in PacketPeer
---
 doc/classes/PacketPeer.xml | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'doc/classes')

diff --git a/doc/classes/PacketPeer.xml b/doc/classes/PacketPeer.xml
index a4cf0c8029..41f5eaf555 100644
--- a/doc/classes/PacketPeer.xml
+++ b/doc/classes/PacketPeer.xml
@@ -60,6 +60,8 @@
 	</methods>
 	<members>
 		<member name="allow_object_decoding" type="bool" setter="set_allow_object_decoding" getter="is_object_decoding_allowed">
+			If [code]true[/code] the PacketPeer will allow encoding and decoding of object via [method get_var] and [method put_var].
+			[b]WARNING:[/b] Deserialized object can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats (remote code execution).
 		</member>
 	</members>
 	<constants>
-- 
cgit v1.2.3