Hack this app in one easy step
This application demonstrates checking authentication in a layout, and assuming that pages within this layout are not accessible.
Sadly, this won't work.
Send a GET request on http://localhost:3000/
with the RSC
header set to 1.
You'll be able to access the paid content.
Possible solutions are:
- checking authentication in a middleware
- checking authentication in the page
- checking authentication in the data fetching method
This will rarely happen when fetching user-specific data, because you indirectly check authentication anytime you retrieve the current authenticated user.
However this mistake can happen when fetching generic but private data, like a paid blog post.
This is a Next.js template to use when reporting a bug in the Next.js repository with the app/
directory.
Getting Started
These are the steps you should follow when creating a bug report:
- Bug reports must be verified against the
next@canary
release. The canary version of Next.js ships daily and includes all features and fixes that have not been released to the stable version yet. Think of canary as a public beta. Some issues may already be fixed in the canary version, so please verify that your issue reproduces before opening a new issue. Issues not verified againstnext@canary
will be closed after 30 days. - Make sure your issue is not a duplicate. Use the GitHub issue search to see if there is already an open issue that matches yours. If that is the case, upvoting the other issue's first comment is desireable as we often prioritize issues based on the number of votes they receive. Note: Adding a "+1" or "same issue" comment without adding more context about the issue should be avoided. If you only find closed related issues, you can link to them using the issue number and
#
, eg.:I found this related issue: #3000
. - If you think the issue is not in Next.js, the best place to ask for help is our Discord community or GitHub discussions. Our community is welcoming and can often answer a project-related question faster than the Next.js core team.
- Make the reproduction as minimal as possible. Try to exclude any code that does not help reproducing the issue. E.g. if you experience problems with Routing, including ESLint configurations or API routes aren't necessary. The less lines of code is to read through, the easier it is for the Next.js team to investigate. It may also help catching bugs in your codebase before publishing an issue.
- Don't forget to create a new repository on GitHub and make it public so that anyone can view it and reproduce it.
How to use this template
Execute create-next-app
with npm, Yarn, or pnpm to bootstrap the example:
npx create-next-app --example reproduction-template reproduction-app
yarn create next-app --example reproduction-template reproduction-app
pnpm create next-app --example reproduction-template reproduction-app
Learn More
To learn more about Next.js, take a look at the following resources:
- Next.js Documentation - learn about Next.js features and API.
- Learn Next.js - an interactive Next.js tutorial.
- How to Contribute to Open Source (Next.js) - a video tutorial by Lee Robinson
- Triaging in the Next.js repository - how we work on issues
- CodeSandbox - Edit this repository on CodeSandbox
You can check out the Next.js GitHub repository - your feedback and contributions are welcome!
Deployment
If your reproduction needs to be deployed, the easiest way is to use the Vercel Platform from the creators of Next.js.
Check out our Next.js deployment documentation for more details.