CSP Header exceeding max header length

martynas-pacerevenue · April 23, 2025, 8:32am

Hello!

Our application has quite a lot of different integrations with 3rd party applications:

Google Analytics,
Heap,
Intercom,
LogRocket,
Firebase,
Canny
And more
Our internal services

After updating one of them to latest package version and adding some new CSP header values we have run into a problem that the current header value exceeds the maximum allowed header length of 4096 characters.

The vercel.json schema validation failed with the following message: headers[0].headers[0].value should NOT be longer than 4096 characters

For now I’ve tried to replace some of the values with wildcard values to conserve space, but I see that as a potential problem going forward. What alternative solutions are there to work around the maximum header length limit?

anshumanb · April 23, 2025, 11:03am

Hi @martynas-pacerevenue, welcome to the Vercel Community!

Sorry that you faced this issue. Can you try using the Edge Middleware Overview to add the CSP header to the response instead?

Topic		Replies	Views
Message or text content exceeds max length v0 v0	7	61	April 28, 2025
Could not parse File as JSON: vercel.json Help	2	60	October 26, 2024
Builder returned invalid routes: should NOT be longer than 4096 char Feedback nextjs	1	13	May 1, 2025
SSL Record too long error Help	4	7	March 8, 2025
Edge Middleware not setting Response headers Help	3	18	January 16, 2025

CSP Header exceeding max header length

Related topics