Security preventing clickjacking

[developer543]

How do I prevent xss attacks?

[Timer]

Next.js has a comprehensive test suite that ensures the framework is not vulnerable to XSS attacks.

You're still ultimately responsible for preventing XSS attacks for any application code that handles user-input, though.
The framework (Next.js) handles as much as it can to prevent these types of attacks. Generally, if you're avoiding usage of eval and dangerouslySetInnerHTML you're pretty safe.

I'd take time to educate yourself about XSS to ensure you don't write any vulnerable code.

I've updated the title of this and converted it to a discussion, as this is a question and there is no security issue with Next.js.

If you do happen to find any Next.js vulnerability, please responsibly disclose it following our security policy, found on the Security tab of our GitHub repository.