Reference

Edge Middleware Limitations

Learn about the limitations and restrictions of using Edge Middleware with Vercel with this reference.
Table of Contents

Edge Middleware is neither a Node.js nor browser application, which means it doesn't have access to all browser and Node.js APIs. Currently, our runtime offers a subset of browser APIs and some Node.js APIs, and we plan to implement more functionality in the future.

There are some restrictions to writing middleware, which is documented in the Edge Middleware API guide.

In summary:

  • Use ES modules
  • Most libraries that use Node.js APIs as dependencies can't be used in Edge Middleware. While we're adding support for more Node.js APIs over time, see the currently available APIs
  • Dynamic code execution (such as eval) is not allowed (see the next section for more details)

Dynamic code execution is not available in Edge Middleware for security reasons. For example, the following APIs cannot be used:

APIDescription
evalEvaluates JavaScript code represented as a string
new Function(evalString)Creates a new function with the code provided as an argument
WebAssembly.instantiateCompiles and instantiates a WebAssembly module from a buffer source

Most importantly, you need to make sure libraries used in your Edge Middleware don't rely on dynamic code execution because it leads to a runtime error.

Edge Middleware must begin sending a response within 25 seconds.

You may continue streaming a response beyond that time and you can continue with asynchronous workloads in the background, after returning the response.

PlanLimit (after gzip compression)
Hobby1 MB
Pro2 MB
Enterprise4 MB

The maximum size for an Edge Function includes your JavaScript code, imported libraries and files (such as fonts), and all files bundled in the function.

If you reach the limit, make sure the code you are importing in your function is used and is not too heavy. You can use a package size checker tool like bundle to check the size of a package and search for a smaller alternative.

Environment Variables can be accessed through the process.env object. Since JavaScript objects have methods to allow some operations on them, there are limitations on the names of Environment Variables to avoid having ambiguous code.

The following names will be ignored as Environment Variables to avoid overriding the process.env object prototype:

  • constructor
  • __defineGetter__
  • __defineSetter__
  • hasOwnProperty
  • __lookupGetter__
  • __lookupSetter__
  • isPrototypeOf
  • propertyIsEnumerable
  • toString
  • valueOf
  • __proto__
  • toLocaleString

Therefore, your code will always be able to use them with their expected behavior:

// returns `true`, if `process.env.MY_VALUE` is used anywhere & defined in the Vercel dashboard
process.env.hasOwnProperty('MY_VALUE');
NameLimit
Maximum URL length14 KB
Maximum request body length4 MB
Maximum number of request headers64
Maximum request headers length16 KB
Last updated on July 16, 2024