Issue Station
Sign In
Tools hereToolbox

nextjs - 💡(How to fix) Fix 16.2.6 regression: dev server silently exits (code 0) after first browser page load when using proxy.ts + --webpack

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…

After upgrading from 16.2.5 → 16.2.6, next dev --webpack silently exits with code 0 after serving exactly one browser-initiated page load. The server starts, serves the first request successfully (HTTP 200), then terminates. The issue is not reproducible with curl — it requires a real browser that triggers concurrent RSC prefetch requests alongside the initial page render.

Reverting to 16.2.5 is fully stable under the same conditions.

Error Message

import NextAuth from 'next-auth'; import { authConfig } from './auth.config'; import { NextResponse } from 'next/server';

const { auth } = NextAuth(authConfig);

export default auth((req) => { const { nextUrl } = req; const isAuthed = !!req.auth && !(req.auth as { error?: string }).error;

if (!isAuthed) { if (nextUrl.pathname.startsWith('/api/')) { return NextResponse.json({ error: 'unauthenticated' }, { status: 401 }); } const callbackUrl = encodeURIComponent(nextUrl.pathname + nextUrl.search); return NextResponse.redirect( new URL(/signin?callbackUrl=${callbackUrl}, nextUrl.origin), ); } });

export const config = { matcher: [ '/((?!signin|api/auth|api/mcp|_next/static|_next/image|favicon.ico).*)', ], };

Root Cause

After upgrading from 16.2.5 → 16.2.6, next dev --webpack silently exits with code 0 after serving exactly one browser-initiated page load. The server starts, serves the first request successfully (HTTP 200), then terminates. The issue is not reproducible with curl — it requires a real browser that triggers concurrent RSC prefetch requests alongside the initial page render.

Reverting to 16.2.5 is fully stable under the same conditions.

Fix Action

Workaround

Pin to [email protected] until this is fixed.

Code Example

import type { NextConfig } from "next";
import path from "path";
import createMDX from "@next/mdx";

const withMDX = createMDX({});

const nextConfig: NextConfig = {
  pageExtensions: ["js", "jsx", "ts", "tsx", "md", "mdx"],
  turbopack: {
    root: path.resolve(__dirname),
  },
};

export default withMDX(nextConfig);

---

import NextAuth from 'next-auth';
import { authConfig } from './auth.config';
import { NextResponse } from 'next/server';

const { auth } = NextAuth(authConfig);

export default auth((req) => {
  const { nextUrl } = req;
  const isAuthed = !!req.auth && !(req.auth as { error?: string }).error;

  if (!isAuthed) {
    if (nextUrl.pathname.startsWith('/api/')) {
      return NextResponse.json({ error: 'unauthenticated' }, { status: 401 });
    }
    const callbackUrl = encodeURIComponent(nextUrl.pathname + nextUrl.search);
    return NextResponse.redirect(
      new URL(`/signin?callbackUrl=${callbackUrl}`, nextUrl.origin),
    );
  }
});

export const config = {
  matcher: [
    '/((?!signin|api/auth|api/mcp|_next/static|_next/image|favicon.ico).*)',
  ],
};

---

Next.js 16.2.6 (webpack)
Ready in 153ms
Compiling / ...
 GET / 200 in 7.8s (next.js: 7.2s, proxy.ts: 113ms, application-code: 503ms)
[process exits with code 0 — no error, no stack trace]

---

Failed to load resource: net::ERR_EMPTY_RESPONSE @ /api/auth/session
ClientFetchError: Failed to fetch (next-auth)
Failed to load resource: net::ERR_EMPTY_RESPONSE @ /?_rsc=...
Failed to fetch RSC payload for http://localhost:3000/. Falling back to browser navigation.
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED @ ...
RAW_BUFFERClick to expand / collapse

Summary

After upgrading from 16.2.5 → 16.2.6, next dev --webpack silently exits with code 0 after serving exactly one browser-initiated page load. The server starts, serves the first request successfully (HTTP 200), then terminates. The issue is not reproducible with curl — it requires a real browser that triggers concurrent RSC prefetch requests alongside the initial page render.

Reverting to 16.2.5 is fully stable under the same conditions.

Reproduction steps

  1. Rename middleware.tsproxy.ts (as required by the v16 migration guide)
  2. Run next dev --webpack
  3. Open the app in a browser (or Playwright)
  4. The server handles the first request and exits with code 0

Environment

Next.js16.2.6
Node.js22.22.3 (Alpine)
Bundlerwebpack (--webpack flag)
PlatformmacOS 25.3.0 / Docker node:22-alpine
Authnext-auth 5.0.0-beta.31

next.config.ts

import type { NextConfig } from "next";
import path from "path";
import createMDX from "@next/mdx";

const withMDX = createMDX({});

const nextConfig: NextConfig = {
  pageExtensions: ["js", "jsx", "ts", "tsx", "md", "mdx"],
  turbopack: {
    root: path.resolve(__dirname),
  },
};

export default withMDX(nextConfig);

proxy.ts (renamed from middleware.ts)

import NextAuth from 'next-auth';
import { authConfig } from './auth.config';
import { NextResponse } from 'next/server';

const { auth } = NextAuth(authConfig);

export default auth((req) => {
  const { nextUrl } = req;
  const isAuthed = !!req.auth && !(req.auth as { error?: string }).error;

  if (!isAuthed) {
    if (nextUrl.pathname.startsWith('/api/')) {
      return NextResponse.json({ error: 'unauthenticated' }, { status: 401 });
    }
    const callbackUrl = encodeURIComponent(nextUrl.pathname + nextUrl.search);
    return NextResponse.redirect(
      new URL(`/signin?callbackUrl=${callbackUrl}`, nextUrl.origin),
    );
  }
});

export const config = {
  matcher: [
    '/((?!signin|api/auth|api/mcp|_next/static|_next/image|favicon.ico).*)',
  ],
};

Observed dev server output (16.2.6)

▲ Next.js 16.2.6 (webpack)
✓ Ready in 153ms
○ Compiling / ...
 GET / 200 in 7.8s (next.js: 7.2s, proxy.ts: 113ms, application-code: 503ms)
[process exits with code 0 — no error, no stack trace]

Browser console errors at time of crash

Failed to load resource: net::ERR_EMPTY_RESPONSE @ /api/auth/session
ClientFetchError: Failed to fetch (next-auth)
Failed to load resource: net::ERR_EMPTY_RESPONSE @ /?_rsc=...
Failed to fetch RSC payload for http://localhost:3000/. Falling back to browser navigation.
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED @ ...

Suspected cause

The crash coincides with the fix for GHSA-26hh-7cqf-hhc6 (middleware/proxy bypass via segment-prefetch routes — incomplete fix follow-up). The first browser load triggers concurrent RSC prefetch requests alongside the initial render. With proxy.ts in place, these prefetch requests now go through the new segment-prefetch security code added in 16.2.6. Something in that path appears to crash the process cleanly.

The crash does not happen with:

  • curl (single request, no concurrent prefetch)
  • Next.js 16.2.5 (same codebase, same proxy.ts, browser load works fine)

Workaround

Pin to [email protected] until this is fixed.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING