From 2b4ec0082a4734758a4cda43cf81d1b9b93f9e7e Mon Sep 17 00:00:00 2001 From: Gutslabs Date: Sat, 4 Jul 2026 15:35:05 -0700 Subject: [PATCH] fix(api_server): return 413 for oversized chunked bodies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit api_server already caps every read via client_max_size (chunked included), but when the limit tripped mid-read the handler's broad JSON except turned it into 400 'Invalid JSON'. Catch HTTPRequestEntityTooLarge in body_limit_middleware and return the OpenAI-style 413. Status-code polish extracted from PR #3949 by @Gutslabs — the PR's core client_max_size change already exists on main. --- gateway/platforms/api_server.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/gateway/platforms/api_server.py b/gateway/platforms/api_server.py index a029596849d..5ba09d67492 100644 --- a/gateway/platforms/api_server.py +++ b/gateway/platforms/api_server.py @@ -669,7 +669,16 @@ if AIOHTTP_AVAILABLE: return web.json_response(_openai_error("Request body too large.", code="body_too_large"), status=413) except ValueError: return web.json_response(_openai_error("Invalid Content-Length header.", code="invalid_content_length"), status=400) - return await handler(request) + try: + return await handler(request) + except web.HTTPRequestEntityTooLarge: + # aiohttp's client_max_size tripped mid-read (chunked bodies carry + # no Content-Length) — return a proper 413 instead of letting the + # handler's broad JSON except turn it into 400 "Invalid JSON". + return web.json_response( + _openai_error("Request body too large.", code="body_too_large"), + status=413, + ) else: body_limit_middleware = None # type: ignore[assignment]