diff --git a/doc/classes/FileAccess.xml b/doc/classes/FileAccess.xml
index 687a64b8ff1..eda06d57daa 100644
--- a/doc/classes/FileAccess.xml
+++ b/doc/classes/FileAccess.xml
@@ -249,6 +249,7 @@
Returns the next [Variant] value from the file. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
@@ -447,6 +448,7 @@
Stores any Variant value in the file. If [param full_objects] is [code]true[/code], encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
[b]Note:[/b] Not all properties are included. Only properties that are configured with the [constant PROPERTY_USAGE_STORAGE] flag set will be serialized. You can add a new usage flag to a property by overriding the [method Object._get_property_list] method in your class. You can also check how property usage is configured by calling [method Object._get_property_list]. See [enum PropertyUsageFlags] for the possible usage flags.
diff --git a/doc/classes/Marshalls.xml b/doc/classes/Marshalls.xml
index 1eeb0be7cec..e350f3212f9 100644
--- a/doc/classes/Marshalls.xml
+++ b/doc/classes/Marshalls.xml
@@ -29,6 +29,7 @@
Returns a decoded [Variant] corresponding to the Base64-encoded string [param base64_str]. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
@@ -52,6 +53,7 @@
Returns a Base64-encoded string of the [Variant] [param variant]. If [param full_objects] is [code]true[/code], encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
diff --git a/doc/classes/PacketPeer.xml b/doc/classes/PacketPeer.xml
index ab2bc34672e..5dd9c5c9f9c 100644
--- a/doc/classes/PacketPeer.xml
+++ b/doc/classes/PacketPeer.xml
@@ -33,6 +33,7 @@
Gets a Variant. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
@@ -49,6 +50,7 @@
Sends a [Variant] as a packet. If [param full_objects] is [code]true[/code], encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
diff --git a/doc/classes/StreamPeer.xml b/doc/classes/StreamPeer.xml
index 969cbac57d5..9a70690122a 100644
--- a/doc/classes/StreamPeer.xml
+++ b/doc/classes/StreamPeer.xml
@@ -109,6 +109,7 @@
Gets a Variant from the stream. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
@@ -234,6 +235,7 @@
Puts a Variant into the stream. If [param full_objects] is [code]true[/code] encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.