Nextjs dynamic route page return 403 Forbidden error for only one specific user dynamic route

[rajat-devslane]

I have my route defined as patients/[userID].tsx in pages dir.

When I tried to access one of the specific active userID (eg. patients/7917067d) it gave 403 Forbidden error in prod only, In dev, it is working fine.

FYI, when I enter the wrong userId it gives 404 which is correct behaviour but don't know why only this userId which is correct gives a 403 error.

NOTE: I am using Static Generation with Client-side data fetching

EDITED:

There is a sentry error also which I think relates to the same problem:

[icyJoseph]

That 403 forbidden looks nothing like Next.js' error layout, could you share what headers you get back from this request? Of course do, remove sensitive data.

[rajat-devslane]

I am using 12.1.0

[icyJoseph]

I see, I think it might be worth upgrading and seeing if you still hit the error. I do recall there were some bugs around those versions, but I can't really point you in the right direction (to see if the bugs might be related to your case). Since tons of people report issues, it is hard to track an old issue :/

[rajat-devslane]

@icyJoseph I had the plan to upgrade it to the latest version but since it has major changes so I didn't upgrade it now as it was breaking my existing code.

Will update you once I upgrade the nextjs. Thanks for the help.

[icyJoseph]

You can upgrade to the latest 12.x.x version though. Not sure if it is 12.2.6, and see if the bug is still present, or at least takes another shape.

[rajat-devslane]

Sure I'll check that.

[rajat-devslane]

@icyJoseph Upgrading the nextjs package to 12.3.3 did the work. Thanks for your effort. Appreciate it.

[rajat-devslane]

@icyJoseph I just noticed this issue in a different way. When I go through the link to that route it works fine but when I directly enter that URL in a browser or refresh the page it gives 403 Forbidden error as just before.

[goldendilemma]

If somebody else stumbles upon this. I had this problem when using .htaccess with the directory indexing disabled Options -Indexes.

Fixed it by adding new default index files (index.html is standard) and in my case next generated a file in subfolder with a file called [[...adventureId]].html

Adding the following line to the .htaccess file fixed it for me

# [[...*]] is necessary for dynamically matched routes in static generation of next
DirectoryIndex index.html [[...adventureId]].html

[moniruzzamansaikat]

This is still not working with next.js 15.1.4 LOL