fix(sse): sanitize carriage returns in event stream data and comments

pi0 · pi0 · commit 79cabe378e5f · 2026-03-19T20:48:23.000+01:00
diff --git a/src/utils/internal/event-stream.ts b/src/utils/internal/event-stream.ts
@@ -180,7 +180,7 @@ export function isEventStream(input: unknown): input is EventStream {
 export function formatEventStreamComment(comment: string): string {
   return (
     comment
-      .split("\n")
+      .split(/\r\n|\r|\n/)
       .map((l) => `: ${l}\n`)
       .join("") + "\n"
   );
@@ -198,7 +198,7 @@ export function formatEventStreamMessage(message: EventStreamMessage): string {
     result += `retry: ${message.retry}\n`;
   }
   const data = typeof message.data === "string" ? message.data : "";
-  for (const line of data.split("\n")) {
+  for (const line of data.split(/\r\n|\r|\n/)) {
     result += `data: ${line}\n`;
   }
   result += "\n";
diff --git a/test/unit/sse.test.ts b/test/unit/sse.test.ts
@@ -74,6 +74,34 @@ describe("sse (unit)", () => {
     expect(result).toEqual(`: hello\n: data: INJECTED\n\n`);
   });
 
+  it("sanitizes carriage returns in data to prevent SSE injection", () => {
+    const result = formatEventStreamMessage({
+      data: "legit\revent: evil",
+    });
+    // \r must be treated as a line break, so "event: evil" becomes a data: line
+    expect(result).toBe(`data: legit\ndata: event: evil\n\n`);
+  });
+
+  it("sanitizes \\r\\n in data field", () => {
+    const result = formatEventStreamMessage({
+      data: "line1\r\nline2\rline3\nline4",
+    });
+    expect(result).toBe(`data: line1\ndata: line2\ndata: line3\ndata: line4\n\n`);
+  });
+
+  it("prevents event splitting via \\r\\r in data", () => {
+    const result = formatEventStreamMessage({
+      data: "first\r\rdata: injected",
+    });
+    // \r\r should produce an empty line between, not a message boundary
+    expect(result).toBe(`data: first\ndata: \ndata: data: injected\n\n`);
+  });
+
+  it("sanitizes carriage returns in comments to prevent injection", () => {
+    const result = formatEventStreamComment("x\rdata: injected");
+    expect(result).toBe(`: x\n: data: injected\n\n`);
+  });
+
   describe("EventStream", () => {
     it("onClosed does not cause unhandled rejection when callback throws", async () => {
       const event = mockEvent("/");
