The 30-Second FixNeed a quick fix? You just need to tell Express to be more generous with its memory. If you're on Express 4.16.0 or higher, add a limit option to the built-in JSON and URL-encoded parsers in your main app file:
const express = require('express');
const app = express();
// Increase limit for JSON bodies
app.use(express.json({ limit: '50mb' }));
// Increase limit for URL-encoded bodies
app.use(express.urlencoded({ limit: '50mb', extended: true }));
Running an older stack? If you're still on an older version of Express or using the standalone body-parser package, the syntax is nearly identical:
const bodyParser = require('body-parser');
app.use(bodyParser.json({ limit: '50mb' }));
app.use(bodyParser.urlencoded({ limit: '50mb', extended: true }));
Why Express is pushing backBy default, Express caps incoming requests at a tiny 100KB. This safeguard prevents attackers from crashing your server with massive payloads. It's a smart security move, but it also blocks legitimate 5MB images or large JSON objects. When a client sends a payload that exceeds this limit, the middleware throws an HTTP 413 status and stops the request in its tracks.
PayloadTooLargeError: request entity too large at readStream (.../node_modules/body-parser/lib/read.js:71:17)
Where to apply the changes### 1. Express Built-in MiddlewareIf you're on Express 4.16+, you don't need the extra body-parser package. Configure the limits directly in your app.js or server.js. Make sure these lines appear before your route definitions, or they won't take effect.
// server.js
const express = require('express');
const app = express();
// Adjust these limits based on what your app actually handles
app.use(express.json({ limit: '25mb' }));
app.use(express.urlencoded({
limit: '25mb',
extended: true,
parameterLimit: 50000
}));
app.post('/api/upload', (req, res) => {
console.log('Received body size:', JSON.stringify(req.body).length);
res.send('Success');
});
2. Handling File Uploads (Multipart/Form-Data)The express.json() limit won't help you with file uploads handled by multer or busboy. You have to set the limits inside that specific middleware instead:
const multer = require('multer');
const upload = multer({
limits: { fileSize: 50 * 1024 * 1024 } // 50MB limit
});
app.post('/profile', upload.single('avatar'), (req, res) => {
res.send('File uploaded!');
});
3. The Nginx BottleneckSometimes the code is fine, but the infrastructure is the barrier. If you updated Node.js but still see 413 errors, Nginx is likely the gatekeeper. By default, Nginx rejects any request larger than 1MB.
Update your Nginx configuration (found in /etc/nginx/nginx.conf or your site-specific file):
server {
client_max_body_size 50M;
location / {
proxy_pass http://localhost:3000;
}
}
Don't forget to test and reload the service:
sudo nginx -t
sudo systemctl reload nginx
How to prove it's fixedDon't just take our word for it—test the new limit. You can use curl to send a payload that is larger than the old 100KB default but smaller than your new threshold.
First, generate a 200KB dummy JSON file:
node -e "console.log(JSON.stringify({data: 'x'.repeat(200000)}))" > large_payload.json
Then, fire it at your local server:
curl -X POST -H "Content-Type: application/json" -d @large_payload.json http://localhost:3000/your-endpoint
If you get a 200 OK instead of the 413 Payload Too Large, you're good to go.