Next.js doesn't seem to protect routes that use getServerSideProps()
.
How can you protect endpoints like:
/_next/data/*/*/something.json
Is this a bug? You can get 50% of the way there with middleware, but the middleware doesn't run on /_next/data/
unless you configure it to.