zlacker

[return to "RCE Vulnerability in React and Next.js"]
1. bitbas+S9[view] [source] 2025-12-03 16:43:08
>>rayhaa+(OP)
It's almost like trying to magically wire up your frontend to the backend through magical functions is a bad idea.
◧◩
2. divisi+hY[view] [source] 2025-12-03 20:35:47
>>bitbas+S9
This reminds me of the recent SvelteKit Remote Functions GH discussion:

> Even in systems that prevent server functions from being declared in client code (such as "use server" in React Server Components), experienced developers can be caught out. We prefer a design that emphasises the public nature of remote functions rather than the fact that they run on the server, and avoids any confusion around lexical scope. [0]

[0] https://github.com/sveltejs/kit/discussions/13897

[go to top]