4.5 MB payload bypass on serverless functions & cors

Unanswered

Asiatic Lion posted this in #help-forum

Open in Discord

Asiatic LionOP

2023-11-30T09:30:24.000Z

Hello I have a problem and I am trying to find a workaround. I am having a fileupload on my site which lets the user upload a file up to 10mb, however the serverless functions function of vercel only allow a payload size of max 4.5 mb which is exceeded by this time the user uploads a 10mb file.

I tried now to not use the /api/upload directory with the outgoing request to my server, instead use the request directly inside the app to upload the file directly to my server https://vercel.com/guides/how-to-bypass-vercel-body-size-limit-serverless-functions. However, this is running into big cors issues as the domain I am hosting it is not the same as the outgoing request (I assume)?

App hosted example: demo.upload.com
Outgoing request: api.upload.com

Both domains are different, therefore getting the cors error.

Does anybody know how to overcome this issue? I tried everything with setting access control headers to the request but nothing works out...

7 Replies

@Asiatic Lion Hello I have a problem and I am trying to find a workaround. I am having a fileupload on my site which lets the user upload a file up to 10mb, however the serverless functions function of vercel only allow a payload size of max 4.5 mb which is exceeded by this time the user uploads a 10mb file. I tried now to not use the /api/upload directory with the outgoing request to my server, instead use the request directly inside the app to upload the file directly to my server https://vercel.com/guides/how-to-bypass-vercel-body-size-limit-serverless-functions. However, this is running into big **cors issues** as the domain I am hosting it is not the same as the outgoing request (I assume)? App hosted example: demo.upload.com Outgoing request: api.upload.com Both domains are different, therefore getting the cors error. Does anybody know how to overcome this issue? I tried everything with setting access control headers to the request but nothing works out...

2023-11-30T09:39:07.000Z

You should be able to make cors allow *.upload.con or everything just to get it to work

@risky You should be able to make cors allow *.upload.con or everything just to get it to work

Asiatic LionOP

2023-11-30T09:40:15.000Z

But where? Inside the nextjs app? on the server?

2023-11-30T09:40:49.000Z

On the server's response headers

@risky On the server's response headers

Asiatic LionOP

2023-11-30T09:53:02.000Z

on the server where the file is going to be uploaded or on the nextjs app server

2023-11-30T09:53:18.000Z

"api.upload.com"

@risky "api.upload.com"

Asiatic LionOP

2023-11-30T10:02:33.000Z

unfortunately doesnt change anything