支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: 28d20b2ff790f34ed14de6f9771027c089aad5ca

来源
https://github.com/pouriam23/Pre-render-data-spoofing-on-React-Router-framework-mode-CVE-2025-43865
关联漏洞
标题:react-router 数据伪造问题漏洞 (CVE-2025-43865)
Description:react-router是Remix开源的一个 React 的声明式路由。 react-router 7.5.2之前版本存在数据伪造问题漏洞,该漏洞源于通过添加请求标头可能修改预渲染数据。
介绍
# Welcome to React Router!

A modern, production-ready template for building full-stack React applications using React Router.

[![Open in StackBlitz](https://developer.stackblitz.com/img/open_in_stackblitz.svg)](https://stackblitz.com/github/remix-run/react-router-templates/tree/main/default)

## Features

- 🚀 Server-side rendering
- ⚡️ Hot Module Replacement (HMR)
- 📦 Asset bundling and optimization
- 🔄 Data loading and mutations
- 🔒 TypeScript by default
- 🎉 TailwindCSS for styling
- 📖 [React Router docs](https://reactrouter.com/)

## Getting Started

### Installation

Install the dependencies:

```bash
npm install
```

### Development

Start the development server with HMR:

```bash
npm run dev
```

Your application will be available at `http://localhost:5173`.

## Building for Production

Create a production build:

```bash
npm run build
```

## Deployment

### Docker Deployment

To build and run using Docker:

```bash
docker build -t my-app .

# Run the container
docker run -p 3000:3000 my-app
```

The containerized application can be deployed to any platform that supports Docker, including:

- AWS ECS
- Google Cloud Run
- Azure Container Apps
- Digital Ocean App Platform
- Fly.io
- Railway

### DIY Deployment

If you're familiar with deploying Node applications, the built-in app server is production-ready.

Make sure to deploy the output of `npm run build`

```
├── package.json
├── package-lock.json (or pnpm-lock.yaml, or bun.lockb)
├── build/
│   ├── client/    # Static assets
│   └── server/    # Server-side code
```

## Styling

This template comes with [Tailwind CSS](https://tailwindcss.com/) already configured for a simple default starting experience. You can use whatever CSS framework you prefer.

---

Built with ❤️ using React Router.
文件快照

 [4.0K]  /data/pocs/28d20b2ff790f34ed14de6f9771027c089aad5ca
├── [4.0K]  app
│   ├── [ 300]  app.css
│   ├── [1.7K]  root.tsx
│   ├── [4.0K]  routes
│   │   └── [ 315]  home.tsx
│   ├── [ 134]  routes.ts
│   └── [4.0K]  welcome
│       ├── [6.0K]  logo-dark.svg
│       ├── [6.0K]  logo-light.svg
│       └── [4.1K]  welcome.tsx
├── [ 599]  Dockerfile
├── [ 814]  package.json
├── [230K]  package-lock.json
├── [4.0K]  public
│   └── [ 15K]  favicon.ico
├── [ 205]  react-router.config.ts
├── [1.8K]  README.md
├── [ 605]  tsconfig.json
└── [ 280]  vite.config.ts

4 directories, 15 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。