
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
nextjs-cors
Advanced tools
Nextjs-Cors is a node.js package to provide a middleware that can be used to enable CORS with various options in nextjs applications.
Nextjs-Cors
is a node.js package to provide a middleware that can be used to enable CORS with various options in nextjs applications.
First we will have to install, in order to use this wonderful package.
# Using npm
npm install nextjs-cors@latest
# Using yarn
yarn add nextjs-cors@latest
# Using pnpm
pnpm add nextjs-cors@latest
nextjs-cors uses the cors package, so we invite you to check the documentation https://github.com/expressjs/cors
pages/api/whoami.{ts,js}
import NextCors from 'nextjs-cors';
async function handler(req, res) {
// Run the cors middleware
// nextjs-cors uses the cors package, so we invite you to check the documentation https://github.com/expressjs/cors
await NextCors(req, res, {
// Options
methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE'],
origin: '*',
optionsSuccessStatus: 200, // some legacy browsers (IE11, various SmartTVs) choke on 204
});
// Rest of the API logic
res.json({ message: 'Hello NextJs Cors!' });
}
nextjs-cors
is an open source project licensed by MIT. You can grow thanks to the sponsors and the support of the amazing sponsors. If you want to join them, contact me here.
Thanks to the wonderful people who collaborate with me !
nextjs-cors
under License.
FAQs
Nextjs-Cors is a node.js package to provide a middleware that can be used to enable CORS with various options in nextjs applications.
The npm package nextjs-cors receives a total of 53,316 weekly downloads. As such, nextjs-cors popularity was classified as popular.
We found that nextjs-cors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.