It’s an API, not direct access. One of the many points for APIs is it categorizes and restricts what can be done. No one is going to inject custom code through the web api to set a characters height.
I’m more concerned with where the user input validation takes place.
It doesn’t matter. Injection attacks are very common with API.
Please stop trying to fear monger. I’m very aware how this works, it’s what I do for a living.
To actually pull off some sort of injection attack, FS would have to have skipped the most basic of user input validation. We’re not talking about some arbitrary input like a forum post where you’d have an opportunity to inject something. The domain and range of the data is well defined and easy to validate. We’re talking about a string that will be cast to a float. Safely check that it’s a float, and if it is, check it’s between 2 values. Simple.
Pretending that FS skipped the user input validation… Any attacker would require intimate knowledge of the backend to do anything. It’s not like the database structure is published. Any attacker who could find a way to inject arbitrary code would still need a way to exfiltrate information on the structure of the database before they could attempt to do anything useful, which is a huge pain when doing it blind.
You call this fear monger? WHAT! I didn’t know taking a different perspective in order to make discussion interesting to read is considered fear mongering, lmao. Whatever man. I’m taking a break from this forum.
ple don 
Please take care of yourself, mental health is very important.
Now THIS is fear mongering.
It’s most likely just a public API, that guy is just a bit of a cooker.
As long as a mod is within the confines of what the game in principle supports, I am fine with it. You could argue that the mod mentioned by OP is technically merely a UI mod if the server does allow your characters’ height to be modified, and the game just does not provide the option for that in the UI.
You realize that your alleged injection attack happens every time someone creates a new character and initially sets their height?
Hope someone figures out how to change your backstory and voice.
Not sure why they don’t add this to the “barber”. Lore/logic be damned. This barber can change my past!
they easily could just pretend the first char died and got replaced, not like that not happening all the time anyway
They already said they will. But that it’s not a priority so it get pushed down every patch
should be pinned here, to avoid further confusion
I remember very early on release they said that changing voice/name/story was much more difficult to do than the other options. So that would take some more dedicated time to work/implement.
So as Heretical_Cactus said above, that’s become a lower priority since it’s going to require more work for somewhat low payoff in comparison to everything else that needs to be done.
It is hard to believe. We literally pick from a list at character creation.