(react.dev)

298 points sangeeth96 | 1 comments | 11 Dec 25 20:46 UTC | HN request time: 0.524s | source

See also: https://blog.cloudflare.com/react2shell-rsc-vulnerabilities-..., https://nextjs.org/blog/security-update-2025-12-11

1. metta2uall ◴[12 Dec 25 03:51 UTC] No.46240706[source]▶

>>46236924 (OP) #

For the vast majority of projects it seems like the disadvantages of these highly complex RPC systems far exceed the benefits... Not just in terms of security but also the reduced observability compared to simple JSON..

↑

Denial of service and source code exposure in React Server Components