Player argument
The PlayerArgument class is very similar (almost identical) to EntitySelectorArgument.OnePlayer. It returns a Player object and requires the player to be online.
Developer's Note:
The PlayerArgument internally uses the GameProfile class from Mojang's authlib, which means that this argument has a slight performance overhead compared to using EntitySelectorArgument.OnePlayer
OfflinePlayer argument
The OfflinePlayerArgument class is identical to the PlayerArgument class, but instead of returning a Player object, it returns an OfflinePlayer object. Internally, this argument makes calls to Mojang servers (via Mojang's authlib), meaning it can be slightly slower than alternative methods (such as using a StringArgument and suggesting a list of existing offline players).
The OfflinePlayerArgument should be able to retrieve players that have never joined the server before.
Although the performance impact is small individually, it can be exploited by malicious players to stall a server by spamming it repeatedly. This vulnerability should be made known so that appropriate permissions can be set. Suggest using red block text instead of grey.
Documentation URL
https://commandapi.jorel.dev/9.5.0/argument_entities.html
What the documentation currently says
Player argument The PlayerArgument class is very similar (almost identical) to EntitySelectorArgument.OnePlayer. It returns a Player object and requires the player to be online.
Developer's Note:
The PlayerArgument internally uses the GameProfile class from Mojang's authlib, which means that this argument has a slight performance overhead compared to using EntitySelectorArgument.OnePlayer
OfflinePlayer argument The OfflinePlayerArgument class is identical to the PlayerArgument class, but instead of returning a Player object, it returns an OfflinePlayer object. Internally, this argument makes calls to Mojang servers (via Mojang's authlib), meaning it can be slightly slower than alternative methods (such as using a StringArgument and suggesting a list of existing offline players).
The OfflinePlayerArgument should be able to retrieve players that have never joined the server before.
Proposed fix
Relating to this discussion on Discord
Although the performance impact is small individually, it can be exploited by malicious players to stall a server by spamming it repeatedly. This vulnerability should be made known so that appropriate permissions can be set. Suggest using red block text instead of grey.