Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NextJS Accelerate Starter - Insecure random quote endpoint #6963

Closed
dansholds opened this issue Oct 30, 2024 · 1 comment · Fixed by #7569
Closed

NextJS Accelerate Starter - Insecure random quote endpoint #6963

dansholds opened this issue Oct 30, 2024 · 1 comment · Fixed by #7569

Comments

@dansholds
Copy link

Hey team,

When using the nextjs-starter project in the accelerate directory, I was getting failures when attempting to add a new quote to the DB.

It was only when checking out the endpoint in the browser and wrapping my POST request with better error handling that I was able to see this:

export async function POST(request: Request) {
  try {
    const response = await fetch('https://api.quotable.io/random', {
      cache: 'no-cache',
    })

    if (!response.ok) {
      throw new Error(`Fetch error: ${response.status} ${response.statusText}`)
    }

    const data = await response.json()
    await addQuote(data.content)

    return new Response(JSON.stringify({ quote: data.content }), {
      headers: { 'Content-Type': 'application/json' },
      status: 201,
    })
  } catch (error) {
    console.error('Error in POST request:', error)
    return new Response(
      JSON.stringify({ error: 'Failed to fetch or add quote.' }),
      {
        headers: { 'Content-Type': 'application/json' },
        status: 500,
      },
    )
  }
}

This can be negated in development by just setting export NODE_TLS_REJECT_UNAUTHORIZED='0' but I thought I'd let you know! Happy to submit a PR for the docs.
@jharrell
Copy link
Member

Hi there @dansholds ! Thank you very much for the issue.

If you wouldn't mind submitting a PR, that would be amazing. I'm happy to give it a prompt review.

ankur-arch added a commit that referenced this issue Feb 20, 2025
@ankur-arch
Update README.md for Accelerate starter
ec6cb13 
Closes #6963
@ankur-arch ankur-arch mentioned this issue Feb 20, 2025
Merged
ankur-arch added a commit that referenced this issue Feb 20, 2025
@ankur-arch @nikolasburk
Update README.md for Accelerate starter (#7569)
c2ae954 
* Update README.md for Accelerate starter

Closes #6963

* Update accelerate/nextjs-starter/README.md

---------

Co-authored-by: Nikolas <nikolas.burk@gmail.com>
ankur-arch added a commit that referenced this issue Feb 20, 2025
@ankur-arch @nikolasburk
Update README.md for Accelerate starter (#7569)
902672d 
* Update README.md for Accelerate starter

Closes #6963

* Update accelerate/nextjs-starter/README.md

---------

Co-authored-by: Nikolas <nikolas.burk@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update README.md for Accelerate starter prisma/prisma-examples
2 participants
@jharrell @dansholds