Hi there. As is known, a developer can add to React component a JS code to fetch an external resource by Node.js server during the build process. My question is, can I somehow for example with a custom plugin to block inside my account at your service all possible URLs of external resources that can be fetched by your Node.js server during your build process of my Next.js app and allow only some listed URLs to be fetched?
I do not understand your question. Please try rephrasing it.
Okay, I’ll try to explain with an example. A developer can add code to a component to fetch an external resource, such as the content of a specific file like
http.get('http://example.com/filename.ext', (contents) => {
// ...
});
And then he can also add code to write the fetched result to a file like
fs.writeFile('/write_result_to_file.txt', result, function(err) {
// ...
});
As far as I understand, during the build process such server code will be executed by your Node.js server.
The question is, can I within my account on your service block the ability to fetch any external resources in the manner described above and specify a list of allowed resources that can be fetched?
No, there’s no way to block any such thing.
And such blocking is impossible to achieve even if I created and implemented a custom plugin or module within my account?
I thought of that, but anything you do can be modified by your developer. So it won’t be a difficult task to remove any custom blocks that you add (if at all that’s possible that is) and work around it.
You probably mean the code that is uploaded to GitHub. But can I install a specific Node module through my account on your service without giving access to the account to other developers? So that they would only have access to GitHub. If I understand the whole process correctly.
No. There’s no such way.