2

I have an ASP.NET Core 6/7 Web API with an endpoint that uploads files using multipart/form-data. I want to allow files of 50 MB or larger.

I'm currently testing with cURL:

curl -X POST "https://xxxx/v1/Cons/attachments" \
  -H "accept: text/plain" \
  -H "x-api-key: <api-key>" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: multipart/form-data" \
  -F "[email protected];type=application/pdf" \
  -F "userId=xxx" \

However, when I try to upload larger files, I get:

HTTP Error 413.1 – Request Entity Too Large

What I've tried:

  1. Kestrel settings in Program.cs:

    webBuilder.ConfigureKestrel(options =>
    {
        options.Limits.MaxRequestBodySize = 524288000; // 500 MB
    });

  2. Controller attributes:

    [RequestSizeLimit(524288000)]
[RequestFormLimits(MultipartBodyLengthLimit = 524288000)]
[HttpPost("attachments")]
public async Task<IActionResult> Upload([FromForm] ConstructionAttachmentModel model)
{
    // handle file
}

  3. Web.config (for IIS layer, after publishing):

    <system.webServer>
    <security>
        <requestFiltering>
            <requestLimits maxAllowedContentLength="524288000" />
        </requestFiltering>
    </security>
</system.webServer>

  4. Azure App Service application setting:

    Key:  ASPNETCORE_MAXREQUESTBODYSIZE
Value: 524288000

Question

After all these changes, my API still returns 413.1 for large uploads on Azure app service.

How can I reliably allow file uploads > 50 MB in an ASP.NET Core 6/7 Web API on Azure?

Additional info:

  • ASP.NET Core 6/7
  • Web API deployed to Azure App Service
  • Testing with cURL and Postman
  • Local Kestrel upload works fine
Improve this question
3
  • What's the full exception on the server? Commented Oct 13 at 7:53
  • 1
    Code 413 Undocumented, Error: Request Entity Too Large, Response body The page was not displayed because the request entity is too large. Commented Oct 13 at 8:00
  • What about the stack trace? Commented Oct 13 at 8:57

1 Answer 1

Reset to default
1

It looks like there might be a small issue with your web.config structure.

<configuration>
  <system.webServer>
    <security>
      <requestFiltering>        
        <requestLimits maxAllowedContentLength="524288000" />
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>

If <system.webServer> isn’t correctly nested under <configuration>,Azure App Service (and IIS) will simply ignore these settings.

According to Microsoft’s official IIS configuration reference the <system.webServer> element is the root element for IIS site- and application-level settings and must be a direct child of <configuration>.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.