SkillHub
SkillHubagent skills marketplace
Menu
All SkillsStacksKOLHotRankings
Sign inGet Pro
Back to skills
SkillHub ClubShip Full StackFull StackFrontend

migrating-middleware-to-proxy

Teach middleware.ts to proxy.ts migration in Next.js 16. Use when migrating middleware, encountering middleware errors, or implementing request proxying.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars
0
Hot score
74
Updated
March 20, 2026
Overall rating
C2.5
Composite score
2.5
Best-practice grade
A92.0

Install command

npx @skill-hub/cli install djankies-claude-configs-migrating-middleware-to-proxy

Repository

djankies/claude-configs

Skill path: nextjs-16/skills/migrating-middleware-to-proxy

Teach middleware.ts to proxy.ts migration in Next.js 16. Use when migrating middleware, encountering middleware errors, or implementing request proxying.

Open repository

Best for

Primary workflow: Ship Full Stack.

Technical facets: Full Stack, Frontend.

Target audience: everyone.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: djankies.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install migrating-middleware-to-proxy into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/djankies/claude-configs before adding migrating-middleware-to-proxy to shared team environments
  • Use migrating-middleware-to-proxy for development workflows

Works across

Claude CodeCodex CLIGemini CLIOpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

Original source / Raw SKILL.md

---
name: migrating-middleware-to-proxy
description: Teach middleware.ts to proxy.ts migration in Next.js 16. Use when migrating middleware, encountering middleware errors, or implementing request proxying.
allowed-tools: Read, Write, Edit, Glob, TodoWrite
version: 1.0.0
---

# MIGRATION: middleware.ts to proxy.ts

## Overview

Next.js 16 renames `middleware.ts` to `proxy.ts` and the `middleware` export to `proxy`. This is a **breaking change** with **security implications** (CVE-2025-29927).

## Why This Change Matters

**CVE-2025-29927**: Middleware-based authentication is fundamentally broken in Next.js. Middleware cannot reliably protect routes because:

- Middleware runs at the edge, but authentication state lives in databases/sessions
- Race conditions between middleware checks and route handlers
- Middleware can be bypassed through direct route access
- Edge runtime limitations prevent proper session verification

The rename to "proxy" clarifies that this API is for request/response manipulation, **not security**.

## Migration Steps

### 1. Rename the File

```bash
# Old location
src/middleware.ts

# New location
src/proxy.ts
```

### 2. Rename the Export

**Before (Next.js 15):**

```typescript
export function middleware(request: NextRequest) {
  return NextResponse.next();
}

export const config = {
  matcher: ['/api/:path*', '/dashboard/:path*'],
};
```

**After (Next.js 16):**

```typescript
export function proxy(request: NextRequest) {
  return NextResponse.next();
}

export const config = {
  matcher: ['/api/:path*', '/dashboard/:path*'],
};
```

### 3. Update Configuration

If using `next.config.js` or `next.config.ts`:

```typescript
const nextConfig = {
  experimental: {
  },
};
```

No configuration changes needed for proxy. The framework detects `proxy.ts` automatically.

## Security Migration

If you were using middleware for authentication, **you must migrate to route-level protection**.

### Before (Insecure)

```typescript
export function middleware(request: NextRequest) {
  const token = request.cookies.get('auth-token');

  if (!token) {
    return NextResponse.redirect(new URL('/login', request.url));
  }

  return NextResponse.next();
}

export const config = {
  matcher: ['/dashboard/:path*'],
};
```

### After (Secure)

**proxy.ts:**

```typescript
export function proxy(request: NextRequest) {
  const response = NextResponse.next();

  response.headers.set('x-custom-header', 'value');

  return response;
}
```

**app/dashboard/layout.tsx:**

```typescript
import { redirect } from 'next/navigation';
import { verifySession } from '@/lib/auth';

export default async function DashboardLayout({
  children,
}: {
  children: React.ReactNode;
}) {
  const session = await verifySession();

  if (!session) {
    redirect('/login');
  }

  return <>{children}</>;
}
```

**Key differences:**

- Authentication logic moves to Server Components
- Session verification happens in the same runtime as data access
- No race conditions between auth check and data fetch
- Can access database/session store reliably

## Valid Use Cases for proxy.ts

Use `proxy.ts` for:

1. **Request/response header manipulation**
   ```typescript
   export function proxy(request: NextRequest) {
     const response = NextResponse.next();
     response.headers.set('x-frame-options', 'DENY');
     return response;
   }
   ```

2. **Request logging/monitoring**
   ```typescript
   export function proxy(request: NextRequest) {
     console.log(`${request.method} ${request.url}`);
     return NextResponse.next();
   }
   ```

3. **URL rewriting**
   ```typescript
   export function proxy(request: NextRequest) {
     if (request.nextUrl.pathname === '/old-path') {
       return NextResponse.rewrite(new URL('/new-path', request.url));
     }
     return NextResponse.next();
   }
   ```

4. **Geolocation routing**
   ```typescript
   export function proxy(request: NextRequest) {
     const country = request.geo?.country;
     if (country === 'US') {
       return NextResponse.rewrite(new URL('/us', request.url));
     }
     return NextResponse.next();
   }
   ```

## Do NOT Use proxy.ts For

- Authentication/authorization checks
- Session validation
- Database queries
- Complex business logic
- Rate limiting (use route handlers instead)

## Migration Checklist

- [ ] Rename `middleware.ts` to `proxy.ts`
- [ ] Rename `middleware` export to `proxy`
- [ ] Remove authentication logic from proxy
- [ ] Move authentication to Server Components/Route Handlers
- [ ] Test that routes are properly protected
- [ ] Verify edge cases (direct route access, API routes, etc.)
- [ ] Update tests that reference middleware

## Common Errors

**Error: "middleware is not exported"**

You forgot to rename the export from `middleware` to `proxy`.

**Error: "proxy is not a function"**

Ensure you're exporting a function named `proxy`, not a default export.

**Error: "Cannot access database in proxy"**

Proxy runs at the edge runtime. Move database access to route handlers or Server Components.

## Additional Resources

- CVE-2025-29927: Next.js Middleware Authentication Vulnerability
- Next.js 16 Migration Guide: Proxy API
- Next.js Security Best Practices: Route-Level Protection