Menu Close

Go – HTTP MaxBytesReader Function in Go

In this article, we will explore the http MaxBytesReader function in Go net/http package in detail, along with examples.


Go, or Golang, is a powerful programming language designed with simplicity and efficiency in mind. Among its many packages is the ‘net/http’ package, which offers essential tools for building HTTP clients and servers. In this article, we will explore the MaxBytesReader function in detail, demonstrating its usage with examples and explaining its role in limiting the size of incoming request bodies.

Understanding the MaxBytesReader Function

The MaxBytesReader function is part of the ‘net/http’ package in Go. It wraps an existing ‘io.Reader’ (usually an HTTP request body) and returns a new ‘io.Reader’ that will read at most ‘n’ bytes from the original reader. If the wrapped reader reads more than ‘n’ bytes, it returns an error. This function is particularly useful when you want to limit the size of the incoming request body to protect your server from potential denial-of-service attacks or when you need to enforce size limits for file uploads. The function signature is:


func MaxBytesReader(w ResponseWriter, r io.Reader, n int64) io.Reader


  • w: The ‘ResponseWriter’ to which the ‘http.ErrHandler’ will be written if the limit is exceeded.
  • r: The ‘io.Reader’ to be wrapped, typically an HTTP request body.
  • n: The maximum number of bytes to be read from the wrapped ‘io.Reader’.

The function returns an ‘io.Reader’ that enforces the specified byte limit.

Example Usage

Let’s create a simple HTTP server using the MaxBytesReader function to limit the size of the incoming request body.

package main

import (

const maxRequestBodySize = 1024 // 1 KB

func uploadHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodPost {

	limitedReader := http.MaxBytesReader(w, r.Body, maxRequestBodySize)
	defer r.Body.Close()

	bodyContent := make([]byte, maxRequestBodySize)
	n, err := limitedReader.Read(bodyContent)

	if err != nil && err != io.EOF {
		if err == io.ErrUnexpectedEOF {
			http.Error(w, "Request body too large", http.StatusRequestEntityTooLarge)
		} else {
			http.Error(w, err.Error(), http.StatusInternalServerError)

	fmt.Fprintf(w, "Received %d bytes\n", n)

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/upload", uploadHandler)

	server := &http.Server{
		Addr:    ":8080",
		Handler: mux,

	fmt.Println("Starting server on http://localhost:8080")
	err := server.ListenAndServe()
	if err != nil {
	    fmt.Printf("Failed to start server: %v\n", err)

In this example, the ‘uploadHandler’ function first checks if the request method is POST. If not, it returns a ‘StatusMethodNotAllowed’ error. It then creates a ‘limitedReader’ using the MaxBytesReader function, wrapping the request body and limiting the size to ‘maxRequestBodySize’ bytes. When reading from the ‘limitedReader’, it checks for any errors, specifically the ‘io.ErrUnexpectedEOF’ error, which indicates that the byte limit was exceeded. In that case, it returns a ‘StatusRequestEntityTooLarge’ error.


The http.MaxBytesReader function is a useful tool for limiting the size of incoming request bodies in Go. By using this function, you can ensure that your application is protected against large incoming request bodies that could cause performance or security issues.

To check more leetcode problem’s solution. Pls click given below link:

Posted in golang, net, packages

Leave a Reply

Your email address will not be published. Required fields are marked *