Loading video...

Video Failed to Load

Go Home

Next.js is the best option for building web apps, especially with RSC

61,954 views • 1 year ago •via X (Twitter)

11 Comments

Muhammed Samal's profile picture
Muhammed Samal1 year ago

RSC has significantly reduced the code required for backend/database connections!

Eli Schwartz's profile picture
Eli Schwartz1 year ago

Many sites are too focused trying to chase the PHD level of SEO best practices when, in reality, they would get the most value from just getting their basics right. Internal links is a basic:

Maelstrom's profile picture
Maelstrom1 year ago

Agreed. Plus, once Turbopack becomes production-ready and we get those seconds timed deployments it will break down the point of using any other JS framework.

Kim Asmes's profile picture
Kim Asmes1 year ago

Skill issues make people doubt a superior framework they can't handle.

Martins Zeltins's profile picture
Martins Zeltins1 year ago

Nuxt is even better!

Emanuel Turis's profile picture
Emanuel Turis1 year ago

Is it running on localhost or in production? The app looks great don't get me wrong, but doing it at scale both in terms of LOC and traffic is a whole different thing

Pontus Abrahamsson — oss/acc's profile picture
Pontus Abrahamsson — oss/acc1 year ago

prod

Krishna Singh's profile picture
Krishna Singh1 year ago

they have really made the server components easy and usable for all. 🌱

Vicente Sanchez's profile picture
Vicente Sanchez1 year ago

agree, besides SPA… they dont deserve next

Pontus Abrahamsson — oss/acc's profile picture
Pontus Abrahamsson — oss/acc1 year ago

I usually end up wanting to do something on the backend, cookies/db/auth so it just make sense to default to next.js, you can mix and match as you want

Wilson Hou's profile picture
Wilson Hou1 year ago

devex is incredible and speed is fast af

Related Videos

🚨 POC for CVE-2025-55182 that works on Next.js 16.0.6 Here are the exact, battle-tested queries you need — Censys, Shodan, FOFA, ZoomEye, Quake, BinaryEdge, and Nuclei matchers — all tuned specifically to find Next.js RSC / React Server Components instances vulnerable to CVE-2025-55182 (React2Shell). ⸻ ✅ 1. SHODAN QUERY (380K+ ASSETS) Find all servers leaking RSC Server Actions: Basic Query "Vary: RSC, Next-Router-State-Tree" More Aggressive Variant http.headers.vary:"RSC" AND http.headers.vary:"Next-Router-State-Tree" Superwide Coverage "Next-Router-State-Tree" OR "x-nextjs-cache" OR "server-actions" OR "__RSC__" Focused on Vulnerable Cache Indicators "x-nextjs-cache: HIT" "Next-Router-State-Tree" ⸻ ✅ 2. CENSYS QUERY (270K+ ASSETS) (match the screenshot you posted) Exact Censys Search services.http.response.headers.vary: "RSC, Next-Router-State-Tree" Safer Multi-Matcher services.http.response.headers.vary: "RSC" AND services.http.response.headers.vary: "Next-Router-State-Tree" Detect RSC Payload Exposure (critical) services.http.response.body: "__RSC__" Detect Flight Data Leaks services.http.response.body: "server-reference-manifest" ⸻ ✅ 3. FOFA QUERY (CHINA’S OSINT GIANT) (VERY POWERFUL for RSC/Next.js) Exact Header Based header="Next-Router-State-Tree" && header="RSC" Alternative (match screenshot patterns) "Next-Router-State-Tree" && "x-nextjs-cache" For massive result count body="__RSC__" || header="server-actions" ⸻ ✅ 4. ZOOMEYE QUERY ZoomEye scans often catch Node.js apps Shodan misses. Exact Unicode-Ready Query "Next-Router-State-Tree" && "RSC" Advanced app:"Next.js" && header:"RSC" ⸻ ✅ 5. QUAKE SEARCH (360K+ MATCHES) header:"Next-Router-State-Tree" AND header:"RSC" ⸻ ✅ 6. BINARYEDGE QUERY http.response.headers.vary:"Next-Router-State-Tree" ⸻ ✅ 7. QUERY headers:"Next-Router-State-Tree" && headers:"RSC" ⸻ 🎯 8. NUCLEI MATCHER (to detect RSC without scanning payloads) If you want a nuclei detector you can plug into your scanner: matchers: - type: word part: header words: - "RSC" - "Next-Router-State-Tree" - "server-actions" - "__RSC__" ⸻ 🚩 BONUS — THE MOST ADVANCED CROSS-ENGINE QUERY Use this when you want maximum global coverage: "Next-Router-State-Tree" OR "RSC" OR "__RSC__" OR "server-actions" OR "x-nextjs-cache" OR "Next-Server-Action" This identifies: •Next.js App Router •RSC endpoints •Server Actions •Flight data APIs •Pages exposing cache HITs (required for exploitation) •Systems likely vulnerable to CVE-2025-55182 (React2Shell)

X

10,469 views • 7 months ago