Express · JavaScript

Fix SyntaxError: Unexpected token o in JSON at position 1 in Express

This error occurs when Express tries to parse a malformed JSON request body. The client is sending invalid JSON or the Content-Type header is incorrect. Fix it by adding proper error handling middleware for JSON parse failures and validating the Content-Type header before parsing.

Reading the Stack Trace

SyntaxError: Unexpected token o in JSON at position 1 at JSON.parse (<anonymous>) at parse (/app/node_modules/body-parser/lib/types/json.js:89:19) at /app/node_modules/body-parser/lib/read.js:128:18 at AsyncResource.runInAsyncScope (node:async_hooks:206:9) at invokeCallback (/app/node_modules/raw-body/index.js:238:16) at done (/app/node_modules/raw-body/index.js:227:7) at IncomingMessage.onEnd (/app/node_modules/raw-body/index.js:287:7) at IncomingMessage.emit (node:events:518:28) at endReadableNT (node:internal/streams/readable:1696:12) at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

Here's what each line means:

at JSON.parse (<anonymous>): The native JSON.parse function encountered invalid JSON input and threw a SyntaxError.
at parse (/app/node_modules/body-parser/lib/types/json.js:89:19): The body-parser JSON middleware attempted to parse the raw request body and received the malformed string.
at IncomingMessage.onEnd (/app/node_modules/raw-body/index.js:287:7): The raw-body module finished reading the full request stream before handing the buffer to the JSON parser.

Common Causes

1. Client sending stringified object twice

The client calls JSON.stringify() on a value that is already a string, producing double-encoded JSON like '"[object Object]"'.

// Client-side
const data = { name: 'Alice' };
fetch('/api/users', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify(JSON.stringify(data))
});

2. Missing Content-Type header

The client sends a JSON body without the application/json Content-Type header, so body-parser does not parse it or parses it incorrectly.

// Client-side
fetch('/api/users', {
  method: 'POST',
  body: JSON.stringify({ name: 'Alice' })
  // Missing Content-Type header
});

3. No error-handling middleware for parse failures

The Express app lacks middleware to catch JSON parse errors, so the SyntaxError propagates as an unhandled 500.

const express = require('express');
const app = express();
app.use(express.json());

// No error-handling middleware registered
app.post('/api/users', (req, res) => {
  res.json({ user: req.body });
});

app.listen(3000);

The Fix

Add an error-handling middleware that checks for body-parser's 'entity.parse.failed' error type. This catches malformed JSON and returns a descriptive 400 response instead of crashing with a 500.

Before (broken)

const express = require('express');
const app = express();
app.use(express.json());

app.post('/api/users', (req, res) => {
  res.json({ user: req.body });
});

app.listen(3000);

After (fixed)

const express = require('express');
const app = express();
app.use(express.json());

app.post('/api/users', (req, res) => {
  res.json({ user: req.body });
});

// Error-handling middleware for JSON parse errors
app.use((err, req, res, next) => {
  if (err.type === 'entity.parse.failed') {
    return res.status(400).json({ error: 'Invalid JSON in request body' });
  }
  next(err);
});

app.listen(3000);

Testing the Fix

const request = require('supertest');
const express = require('express');

function createApp() {
  const app = express();
  app.use(express.json());
  app.post('/api/users', (req, res) => res.json({ user: req.body }));
  app.use((err, req, res, next) => {
    if (err.type === 'entity.parse.failed') {
      return res.status(400).json({ error: 'Invalid JSON in request body' });
    }
    next(err);
  });
  return app;
}

describe('POST /api/users', () => {
  it('returns 400 for malformed JSON', async () => {
    const res = await request(createApp())
      .post('/api/users')
      .set('Content-Type', 'application/json')
      .send('{invalid}');
    expect(res.status).toBe(400);
    expect(res.body.error).toBe('Invalid JSON in request body');
  });

  it('returns 200 for valid JSON', async () => {
    const res = await request(createApp())
      .post('/api/users')
      .send({ name: 'Alice' });
    expect(res.status).toBe(200);
    expect(res.body.user.name).toBe('Alice');
  });
});

Run your tests:

npx jest --testPathPattern=body-parser

Pushing Through CI/CD

git checkout -b fix/express-body-parser-error,git add src/middleware/errorHandler.js src/__tests__/bodyParser.test.js,git commit -m "fix: add error-handling middleware for malformed JSON body",git push origin fix/express-body-parser-error

Your CI config should look something like this:

name: CI
on:
  pull_request:
    branches: [main]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'
      - run: npm ci
      - run: npx jest --coverage
      - run: npm run lint

The Full Manual Process: 18 Steps

Here's every step you just went through to fix this one bug:

Notice the error alert or see it in your monitoring tool
Open the error dashboard and read the stack trace
Identify the file and line number from the stack trace
Open your IDE and navigate to the file
Read the surrounding code to understand context
Reproduce the error locally
Identify the root cause
Write the fix
Run the test suite locally
Fix any failing tests
Write new tests covering the edge case
Run the full test suite again
Create a new git branch
Commit and push your changes
Open a pull request
Wait for code review
Merge and deploy to production
Monitor production to confirm the error is resolved

Total time: 30-60 minutes. For one bug.

Or Let bugstack Fix It in Under 2 minutes

Every step above? bugstack does it automatically.

Step 1: Install the SDK

npm install bugstack-sdk

Step 2: Initialize

const { initBugStack } = require('bugstack-sdk')

initBugStack({ apiKey: process.env.BUGSTACK_API_KEY })

Step 3: There is no step 3.

bugstack handles everything from here:

Captures the stack trace and request context
Pulls the relevant source files from your GitHub repo
Analyzes the error and understands the code context
Generates a minimal, verified fix
Runs your existing test suite
Pushes through your CI/CD pipeline
Deploys to production (or opens a PR for review)

Time from error to fix deployed: Under 2 minutes.

Human involvement: zero.

Try bugstack Free →

No credit card. 5-minute setup. Cancel anytime.

Deploying the Fix (Manual Path)

Run the test suite locally to confirm JSON parse errors return 400.
Open a pull request with the error-handling middleware changes.
Wait for CI checks to pass on the PR.
Have a teammate review and approve the PR.
Merge to main and verify the fix in staging before promoting to production.

Frequently Asked Questions

How does BugStack know the fix is safe to deploy?

BugStack runs the fix through your existing test suite, sends malformed and valid payloads to verify correct status codes, and confirms no regressions before marking it safe to deploy.

What if BugStack generates a bad fix?

BugStack never pushes directly to production. Every fix goes through a pull request with full CI checks, so your team can review it before merging.

Why does body-parser throw a SyntaxError instead of returning null?

The body-parser middleware uses JSON.parse internally, which throws a SyntaxError on invalid input. Express treats this as an error and passes it to the next error-handling middleware.

Should I validate JSON schema in the same middleware?

No. Keep parse-error handling separate from schema validation. Use a library like Joi or Zod in your route handler to validate the shape of the parsed body after it is successfully parsed.