4.5 MB payload bypass on serverless functions & cors
Unanswered
Asiatic Lion posted this in #help-forum
![Avatar](https://cdn.discordapp.com/embed/avatars/0.png)
Asiatic LionOP
Hello I have a problem and I am trying to find a workaround. I am having a fileupload on my site which lets the user upload a file up to 10mb, however the serverless functions function of vercel only allow a payload size of max 4.5 mb which is exceeded by this time the user uploads a 10mb file.
I tried now to not use the /api/upload directory with the outgoing request to my server, instead use the request directly inside the app to upload the file directly to my server https://vercel.com/guides/how-to-bypass-vercel-body-size-limit-serverless-functions. However, this is running into big cors issues as the domain I am hosting it is not the same as the outgoing request (I assume)?
App hosted example: demo.upload.com
Outgoing request: api.upload.com
Both domains are different, therefore getting the cors error.
Does anybody know how to overcome this issue? I tried everything with setting access control headers to the request but nothing works out...
I tried now to not use the /api/upload directory with the outgoing request to my server, instead use the request directly inside the app to upload the file directly to my server https://vercel.com/guides/how-to-bypass-vercel-body-size-limit-serverless-functions. However, this is running into big cors issues as the domain I am hosting it is not the same as the outgoing request (I assume)?
App hosted example: demo.upload.com
Outgoing request: api.upload.com
Both domains are different, therefore getting the cors error.
Does anybody know how to overcome this issue? I tried everything with setting access control headers to the request but nothing works out...
7 Replies
![Avatar](https://cdn.discordapp.com/avatars/657067112434499595/aff4eeb34922ca980b0d5fbb5bc60c21.webp?size=256)
risky
You should be able to make cors allow *.upload.con or everything just to get it to work
![Avatar](https://cdn.discordapp.com/embed/avatars/0.png)
Asiatic LionOP
But where? Inside the nextjs app? on the server?
![Avatar](https://cdn.discordapp.com/avatars/657067112434499595/aff4eeb34922ca980b0d5fbb5bc60c21.webp?size=256)
risky
On the server's response headers
![Avatar](https://cdn.discordapp.com/embed/avatars/0.png)
Asiatic LionOP
on the server where the file is going to be uploaded or on the nextjs app server
![Avatar](https://cdn.discordapp.com/avatars/657067112434499595/aff4eeb34922ca980b0d5fbb5bc60c21.webp?size=256)
risky
"api.upload.com"
![Avatar](https://cdn.discordapp.com/embed/avatars/0.png)
Asiatic LionOP
unfortunately doesnt change anything
![Image](https://cdn.discordapp.com/attachments/1179716049281744926/1179724154530963507/Bildschirmfoto_2023-11-30_um_11.00.04.png?ex=657ad2bc&is=65685dbc&hm=f595dc6339a71f814790b4147b360615590766d4202356fb8121e2088215e632&)