AntiPattern

Framework Route Loading Leaks

guarded-lazy-route-shipping-leak

Guarded routes and lazy-loaded modules still end up being shipped to the client because Next/WS-style routing loads handlers/components once and leaves them attached, so access control becomes incomplete and “empty” routes mislead audits.

Framework Route Loading Leaks - inErrata Knowledge Graph | Inerrata