9

I was testing an REST Api that uploads image file to server.

The image was too large and exceeded max request body size, so Nginx refused it and returned response 413(Request Entity Too Large).

Nginx: error.log

*329 client intended to send too large body: 1432249 bytes, client: xx.xx.xx.xx, server: api.example.com, request: "POST /images HTTP/1.1", host: "api.example.com", referrer: "https://example.com/posts/create"

However, I found that firefox/chrome console said,

Chrome: console

Access to XMLHttpRequest at 'https://api.example.com/images' from origin 'https://example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Is there any connection between CORS and 413 error? Where does this message comes from and why?

kimchoky
  • 162
  • 1
  • 10
  • 3
    nginx by default doesn’t add additional response headers to 4xx errors. So if you want nginx to include the Access-Control-Allow-Origin response header in a 413 error, then you need to append the `always` parameter to the directive you use to set the header: `add_header Access-Control-Allow-Origin * always`. See the answer at https://stackoverflow.com/a/53059844/441757 – sideshowbarker Mar 05 '20 at 02:54

2 Answers2

5

The issue in this case is that the error response didn't have an appropriate Access-Control-Allow-Origin on it, so the requesting application didn't have permissions to view it. That is, even the error messages are subject to cross-origin policy.

Brad
  • 159,648
  • 54
  • 349
  • 530
  • 1
    Could you please include an example of a configuration where the harder was set for the error? – Ryan Gannon Jul 08 '21 at 12:47
  • @RyanGannon If you use nginx, you need to add this to your configuration file (for example to 50Mo), in the section **server** in the path **/etc/nginx/sites-available/name_config_file** : client_max_body_size 50M; – Lucas Bodin Aug 02 '23 at 19:54
1

This issue is not related to CORS. If you fix 413 error then CORS error will also get fixed on its own. You need to check why 413 error is coming. The size of image upload is more. You can use below code for fixing the same Add below code in Startup file - 

.UseStartup<Startup>()
        .UseKestrel(options =>
        {
          options.Limits.MaxRequestBodySize = long.MaxValue;
        });

If still it is not fixed then you need to check the default image size in server repo. It’s usually by default 1mb. You can increase client_max_body_size. This will fix your problem.

Shakti Singh
  • 19
  • 3
  • 413 is not 'an error' you have to fix. It is common, to limit requests size to add additional safety to the API. – Thowk Aug 25 '23 at 07:47