Client script Cache, fileDelete(), luac

[UnchiuDawg]

Hello, from what I've seen on the forum and the wiki, I understand that it's like this:

You can either:

- delete the clientsided script file after it's loaded by using fileDelete() at the end (it gets downloaded to the hard drive, loaded, then deleted).

- download the clientsided script directly to the cache by using the cache setting in the meta.xml, so it never reaches the hard drive.

My questions are:

Are the client scripts always kept loaded in the cache while the client is connected to the server? Will they unload for whatever reason while the player is still on the server, or only when the player disconnects?

Is using the cache setting just a better and safer version of using fileDelete() at the end of the script?
I'm asking these questions because I saw this on the wiki:

Quote

• cache: When the script file type is "client", this setting controls whether the file is saved on the clients' hard drive. Default is "true". Using "false" will mean the file is not saved. (Note: cache=false files are started at the client first, so lua file load order might differ when mixing cache settings)

I assume I'd have to set every cilentsided script to cache=false in all of my resources in order to keep their loading order (talking about <download_priority_group></download_priority_group> in the meta.xml file), but can they unload from memory? And if that happens, do they get downloaded again and restarted, or does the player have to reconnect?

Should I just use luac + fileDelete() or luac + cache=false?

Please don't kill me because of my lack of knowledge, lol.

Edited December 28, 2018 by UnchiuDawg
typo

[Addlibs]

Using cache="false" is definitely safer, as they cannot be downloaded directly via http://serverip:serverport/resourcename/path/to/file.lua (you'll get "This script is not client cacheable" return message), and the only way to hijack the source code would be via a hacked client or by wiretapping the connection with Wireshark or something and somehow breaking the encryption on it. On the other hand, without blocking caching, users can technically download the file (provided they know the path and its filename) without executing it, thus the file wouldn't be deleted via fileDelete.

However, this also means if you're using a fast download external server to serve files, these files aren't cached or served by that external server, and instead, served directly from the game server. External servers like nginx can provide good compression to downloaded data, while MTA internal HTTP download server is very primitive and does not support compression or multiple client connections^[source].

Now to answer the other questions:

- Client scripts don't unload from memory except when restarting a resource or reconnecting to the server, in which case they're requested from the server again and downloaded (and saved if caching is enabled) and executed.

- If you're using cache="false" there's no need to use fileDelete, and indeed it could risk revealing file paths unless you also check fileExists before, as errors in clientscript.log may reveal paths if the file is attempted to be deleted but does not exist.

Edited December 28, 2018 by MrTasty

[UnchiuDawg]

1 hour ago, MrTasty said:

Using cache="false" is definitely safer, as they cannot be downloaded directly via http://serverip:serverport/resourcename/path/to/file.lua (you'll get "This script is not client cacheable" return message), and the only way to hijack the source code would be via a hacked client or by wiretapping the connection with Wireshark or something and somehow breaking the encryption on it. On the other hand, without blocking caching, users can technically download the file (provided they know the path and its filename) without executing it, thus the file wouldn't be deleted via fileDelete.

However, this also means if you're using a fast download external server to serve files, these files aren't cached or served by that external server, and instead, served directly from the game server. External servers like nginx can provide good compression to downloaded data, while MTA internal HTTP download server is very primitive and does not support compression or multiple client connections^[source].

Now to answer the other questions:

- Client scripts don't unload from memory except when restarting a resource or reconnecting to the server, in which case they're requested from the server again and downloaded (and saved if caching is enabled) and executed.

- If you're using cache="false" there's no need to use fileDelete, and indeed it could risk revealing file paths unless you also check fileExists before, as errors in clientscript.log may reveal paths if the file is attempted to be deleted but does not exist.

Thank you, it's everything I needed to know.