Skip to main content
Next.js security recommended

Always Validate Server Action Inputs

Server Actions are public HTTP endpoints. Always validate and sanitize all inputs using Zod or similar validation libraries to prevent security vulnerabilities.

Difficulty
intermediate
Read time
1 min read
Version
v1.0.0
Confidence
established
Last updated
Edit on GitHub Report Issue

Quick Reference

Server Actions are public HTTP endpoints. Always validate and sanitize all inputs using Zod or similar validation libraries to prevent security vulnerabilities.

Always Validate Server Action Inputs

Server Actions are public HTTP endpoints. Always validate and sanitize all inputs using Zod or similar validation libraries to prevent security vulnerabilities.

Tags

security server-actions validation zod owasp

Discussion

Related Guidelines

Data Fetching Patterns critical Performance Optimization recommended Routing & File Conventions critical Security Headers & Environment Variables critical