Video wird geladen...

Video konnte nicht geladen werden

Zur Startseite

Next.js is the best option for building web apps, especially with RSC

61,954 Aufrufe • vor 1 Jahr •via X (Twitter)

11 Kommentare

Profilbild von Muhammed Samal
Muhammed Samalvor 1 Jahr

RSC has significantly reduced the code required for backend/database connections!

Profilbild von Eli Schwartz
Eli Schwartzvor 1 Jahr

Many sites are too focused trying to chase the PHD level of SEO best practices when, in reality, they would get the most value from just getting their basics right. Internal links is a basic:

Profilbild von Maelstrom
Maelstromvor 1 Jahr

Agreed. Plus, once Turbopack becomes production-ready and we get those seconds timed deployments it will break down the point of using any other JS framework.

Profilbild von Kim Asmes
Kim Asmesvor 1 Jahr

Skill issues make people doubt a superior framework they can't handle.

Profilbild von Martins Zeltins
Martins Zeltinsvor 1 Jahr

Nuxt is even better!

Profilbild von Emanuel Turis
Emanuel Turisvor 1 Jahr

Is it running on localhost or in production? The app looks great don't get me wrong, but doing it at scale both in terms of LOC and traffic is a whole different thing

Profilbild von Pontus Abrahamsson — oss/acc
Pontus Abrahamsson — oss/accvor 1 Jahr

prod

Profilbild von Krishna Singh
Krishna Singhvor 1 Jahr

they have really made the server components easy and usable for all. 🌱

Profilbild von Vicente Sanchez
Vicente Sanchezvor 1 Jahr

agree, besides SPA… they dont deserve next

Profilbild von Pontus Abrahamsson — oss/acc
Pontus Abrahamsson — oss/accvor 1 Jahr

I usually end up wanting to do something on the backend, cookies/db/auth so it just make sense to default to next.js, you can mix and match as you want

Profilbild von Wilson Hou
Wilson Houvor 1 Jahr

devex is incredible and speed is fast af

Ähnliche Videos

🚨 POC for CVE-2025-55182 that works on Next.js 16.0.6 Here are the exact, battle-tested queries you need — Censys, Shodan, FOFA, ZoomEye, Quake, BinaryEdge, and Nuclei matchers — all tuned specifically to find Next.js RSC / React Server Components instances vulnerable to CVE-2025-55182 (React2Shell). ⸻ ✅ 1. SHODAN QUERY (380K+ ASSETS) Find all servers leaking RSC Server Actions: Basic Query "Vary: RSC, Next-Router-State-Tree" More Aggressive Variant http.headers.vary:"RSC" AND http.headers.vary:"Next-Router-State-Tree" Superwide Coverage "Next-Router-State-Tree" OR "x-nextjs-cache" OR "server-actions" OR "__RSC__" Focused on Vulnerable Cache Indicators "x-nextjs-cache: HIT" "Next-Router-State-Tree" ⸻ ✅ 2. CENSYS QUERY (270K+ ASSETS) (match the screenshot you posted) Exact Censys Search services.http.response.headers.vary: "RSC, Next-Router-State-Tree" Safer Multi-Matcher services.http.response.headers.vary: "RSC" AND services.http.response.headers.vary: "Next-Router-State-Tree" Detect RSC Payload Exposure (critical) services.http.response.body: "__RSC__" Detect Flight Data Leaks services.http.response.body: "server-reference-manifest" ⸻ ✅ 3. FOFA QUERY (CHINA’S OSINT GIANT) (VERY POWERFUL for RSC/Next.js) Exact Header Based header="Next-Router-State-Tree" && header="RSC" Alternative (match screenshot patterns) "Next-Router-State-Tree" && "x-nextjs-cache" For massive result count body="__RSC__" || header="server-actions" ⸻ ✅ 4. ZOOMEYE QUERY ZoomEye scans often catch Node.js apps Shodan misses. Exact Unicode-Ready Query "Next-Router-State-Tree" && "RSC" Advanced app:"Next.js" && header:"RSC" ⸻ ✅ 5. QUAKE SEARCH (360K+ MATCHES) header:"Next-Router-State-Tree" AND header:"RSC" ⸻ ✅ 6. BINARYEDGE QUERY http.response.headers.vary:"Next-Router-State-Tree" ⸻ ✅ 7. QUERY headers:"Next-Router-State-Tree" && headers:"RSC" ⸻ 🎯 8. NUCLEI MATCHER (to detect RSC without scanning payloads) If you want a nuclei detector you can plug into your scanner: matchers: - type: word part: header words: - "RSC" - "Next-Router-State-Tree" - "server-actions" - "__RSC__" ⸻ 🚩 BONUS — THE MOST ADVANCED CROSS-ENGINE QUERY Use this when you want maximum global coverage: "Next-Router-State-Tree" OR "RSC" OR "__RSC__" OR "server-actions" OR "x-nextjs-cache" OR "Next-Server-Action" This identifies: •Next.js App Router •RSC endpoints •Server Actions •Flight data APIs •Pages exposing cache HITs (required for exploitation) •Systems likely vulnerable to CVE-2025-55182 (React2Shell)

X

10,469 Aufrufe • vor 7 Monaten