top | item 46144842

(no title)

vinnymac | 2 months ago

The official blog post disagrees.

> Even if your app does not implement any React Server Function endpoints it may still be vulnerable if your app supports React Server Components.

discuss

jazzypants|2 months ago

Oops, yeah. My bad, you're right. It makes sense that any flight server that is capable of interpreting server functions would be vulnerable whether the codebase used them or not. It's an issue in the transport mechanism and not the actual RPC implementation.