Server-sent events (SSE)

By Lucien Immink

5 min read

With Server-sent events, you don't need to ask the server if an event has happened. SSE is sent when the server wants to.

Authors

Communicating data between client and server is something that the web is all about. Loading a webpage and its assets is done by having the client request the webpage and the server responds by sending the actual webpage to the client. What if the server wants to send additional info to the client? Or all the clients that are currently connected? Classic HTTP connections are initiated by the client and are closed when the data has been transferred. Let's explore some options available in modern browsers.

Polling

Polling is done by requesting and responding over and over again

One of the easiest ways to get updates is by requesting if there is new data. By calling the server at regular intervals the client will get the updates in a timely manner, but what is timely? How many times does the client need to call the server? What happens if a lot of clients are calling the server at the same time? Depending on the use case polling can be a valid technique to get updates from the server. In case the data changes in irregular intervals a polling request/response results in a lot of unnecessary HTTP calls. If the data changes multiple times per second a polling request/response might miss a lot of these changes since the client will only get the response of the request it has sent, but that also depends on the serverside implementation.

Polling client-side example

const POLL_INTERVAL = 1000

const poll = async () => {
  const response = await fetch('/endpoint')
  const json = await response.json()
  /*
  ... do stuff with the JSON
  */

  // now call ourselve again to check for new data
  setTimeout(() => {
    poll()
  }, POLL_INTERVAL)
}

WebSockets

WebSockets

For real-time updates, polling is not a valid option due to the HTTP overhead of opening and closing the connection. For this WebSockets were created and standardized in 2011. Based on TCP but different from HTTP. WebSockets use their native protocols ws and wss. WebSockets enable interaction between client and server with lower overhead alternatives like polling. The socket connection remains open and both client and server have event-based listeners for reacting to any data sent over and forth.

To establish a WebSocket connection, the client sends a WebSocket handshake request, for with the server returns a WebSocket response. The request has the Upgrade: websocket header to indicate that a WebSocket connection is requested. The method of setting up a WebSocket allows the server to handle both HTTP requests and WebSocket connections on the same port. Once the handshake is complete, communication switches to the bidirectional WebSocket protocol.

Setting up WebSockets and implementing the server part is complex relative to HTTP. Luckily libraries are available for both client and server but they come at the cost of additional bytes and possible security issues.

WebSocket requests are not restricted by the same-origin policy as regular HTTP requests are. The server needs to validate the origin header during the HTTP handshake to avoid cross-site hijacking attacks.

WebSockets client-side example

const socket = new WebSocket('wss://my-domain.io/ws/stream')

socket.onopen = () => {
  // connection is now established as WebSocket
}

// client sending data to the server
socket.send('here is my message')

socket.onmessage = (event) => {
  // a new message is received
  /*
  ... do something with event.data
  */
}

socket.onclose = () => {
  // the server closed the connection
}

socket.onerror = (event) => {
  // the connection is closed due to an error
}

Server-sent events

sse-single-client

Server-sent events (SSE for short) are a low-overhead technique for sending data from a server in real-time once the client establishes the connection. They are commonly used to send updates or continuous data to one or multiple clients using the browser's EventSource API. The biggest differences between WebSockets and SSE are that SSE is server-to-client communication only and that SSE is based on HTTP and as such is as secure as HTTP is.

Servers can send messages when needed but SSE does not allow for client-to-server communication. You can however always send a new request to incorporate bi-directional communication but this has more overhead compared to WebSockets.

The mimetype for SSE is text/event-stream, indicating that only text-based data can be send.

Messages have a specific structure, this structure can be used to bind specific event listeners to the stream. All messages have the data: prefix and can be preceded by an event: line. The event: line is optional. The onmessage method of the EventSource will capture all messages as long as they are prefixed with data:. Specific event listeners will only capture messages that are preceded by the matching event: line.

event: event-type
data: string based data

data: this is a generic message

event: some-other-type
data: { "complex": { "data": "data can be a json string" }}

SSE client-side example

const stream = new EventSource('/stream')

stream.onopen = () => {
  // the EventStream is opened
}

stream.onmessage = (event) => {
  // a new message is received
  /*
  ... do something with event.data
  */
}

stream.addEventListener('event-type', (event) => {
  // only messages of the `event: event-type` are captured
})

stream.onerror = event = {
  // an error occured, by default the SSE connection is restarted automatically
  // close the connection permanently by calling stream.close();
}

SSE server-side example

For the server, SSE is handled as any HTTP request. Keep a list of connected clients to send broadcasted events. Keep in mind that the mimetype for SSE is text/event-stream and that must be set as the content-type response header. The response itself should never be cached meaning that the cache-control response header needs to be set as well. Always close the message with a blank line.

let clients = []

const sse = (request, response, next) => {
  response.header('Content-Type', 'text/event-stream')
  response.header('Cache-Control', 'no-store, no-cache')
  response.connection.setTimeout(0)

  // add client to list
  const clientId = 'some-id'
  clients.push({
    clientId,
    response,
  })

  // write a string response when needed.
  response.write(
    `data: ${JSON.stringify({ clientId, message: 'Welcome to the event-stream' })}\n\n`
  )

  request.on('close', () => {
    // remove the client from the clientslist
    clients = clients.filter((client) => client.clientId !== clientId)

    // end the response when the client disconnects
    response.end()
  })
}

// some other module that wants to send messages
clients.forEach((client) => {
  client.response.write(`event: my-module\n`)
  client.response.write(`data: ${JSON.stringify({ complex: { data: 'message ' } })}\n\n`)
})

Wrap-up

Classic HTTP connections are closed after the response is sent. To get updated data the client can request new data over and over again (polling) or by setting up a special WebSocket connection. WebSockets are bi-directional but not based on HTTP. Setting up WebSockets and implementing the server part is complex relative to HTTP. Luckily libraries are available for both client and server but they come at the cost of additional bytes and possible security issues. Server-sent events (SSE) are HTTP connections using the text/event-stream mimetype that do not close. Servers can send messages when needed but SSE does not allow for client-to-server communication. You can however always send a new request to incorporate bi-directional communication but this has more overhead compared to WebSockets.


Upcoming events

  • Mastering Event-Driven Design

    PLEASE RSVP SO THAT WE KNOW HOW MUCH FOOD WE WILL NEED Are you and your team struggling with event-driven microservices? Join us for a meetup with Mehmet Akif Tütüncü, a senior software engineer, who has given multiple great talks so far and Allard Buijze founder of CTO and founder of AxonIQ, who built the fundaments of the Axon Framework. RSVP for an evening of learning, delicious food, and the fusion of creativity and tech! 🚀 18:00 – 🚪 Doors open to the public 18:15 – 🍕 Let’s eat 19:00 – 📢 Getting Your Axe On Event Sourcing with Axon Framework 20:00 – 🍹 Small break 20:15 – 📢 Event-Driven Microservices - Beyond the Fairy Tale 21:00 – 🙋‍♀️ drinks 22:00 – 🍻 See you next time? Details: Getting Your Axe On - Event Sourcing with Axon Framework In this presentation, we will explore the basics of event-driven architecture using Axon Framework. We'll start by explaining key concepts such as Event Sourcing and Command Query Responsibility Segregation (CQRS), and how they can improve the scalability and maintainability of modern applications. You will learn what Axon Framework is, how it simplifies implementing these patterns, and see hands-on examples of setting up a project with Axon Framework and Spring Boot. Whether you are new to these concepts or looking to understand them more, this session will provide practical insights and tools to help you build resilient and efficient applications. Event-Driven Microservices - Beyond the Fairy Tale Our applications need to be faster, better, bigger, smarter, and more enjoyable to meet our demanding end-users needs. In recent years, the way we build, run, and operate our software has changed significantly. We use scalable platforms to deploy and manage our applications. Instead of big monolithic deployment applications, we now deploy small, functionally consistent components as microservices. Problem. Solved. Right? Unfortunately, for most of us, microservices, and especially their event-driven variants, do not deliver on the beautiful, fairy-tale-like promises that surround them.In this session, Allard will share a different take on microservices. We will see that not much has changed in how we build software, which is why so many “microservices projects” fail nowadays. What lessons can we learn from concepts like DDD, CQRS, and Event Sourcing to help manage the complexity of our systems? He will also show how message-driven communication allows us to focus on finding the boundaries of functionally cohesive components, which we can evolve into microservices should the need arise.

    | Coven of Wisdom - Utrecht

    Go to page for Mastering Event-Driven Design
  • The Leadership Meetup

    PLEASE RSVP SO THAT WE KNOW HOW MUCH FOOD WE WILL NEED What distinguishes a software developer from a software team lead? As a team leader, you are responsible for people, their performance, and motivation. Your output is the output of your team. Whether you are a front-end or back-end developer, or any other discipline that wants to grow into the role of a tech lead, RSVP for an evening of learning, delicious food, and the fusion of leadership and tech! 🚀 18:00 – 🚪 Doors open to the public 18:15 – 🍕 Let’s eat 19:00 – 📢 First round of Talks 19:45 – 🍹 Small break 20:00 – 📢 Second round of Talks 20:45 – 🙋‍♀️ drinks 21:00 – 🍻 See you next time? First Round of Talks: Pixel Perfect and Perfectly Insane: About That Time My Brain Just Switched Off Remy Parzinski, Design System Lead at Logius Learn from Remy how you can care for yourself because we all need to. Second Round of Talks: Becoming a LeadDev at your client; How to Fail at Large (or How to Do Slightly Better) Arno Koehler Engineering Manager @ iO What are the things that will help you become a lead engineer? Building Team Culture (Tales of trust and positivity) Michel Blankenstein Engineering Manager @ iO & Head of Technology @ Zorggenoot How do you create a culture at your company or team? RSVP now to secure your spot, and let's explore the fascinating world of design systems together!

    | Coven of Wisdom - Amsterdam

    Go to page for The Leadership Meetup
  • Coven of Wisdom - Herentals - Spring `24 edition

    Join us for an exciting web technology meetup where you’ll get a chance to gain valuable insights and knowledge about the latest trends in the field. Don’t miss out on this opportunity to expand your knowledge, network with fellow developers, and discover new and exciting possibilities. And the best part? Food and drinks are on us! Johan Vervloet - Event sourced wiezen; an introduction to Event Sourcing and CQRS Join me on a journey into the world of CQRS and Event Sourcing! Together we will unravel the misteries behind these powerful concepts, by exploring a real-life application: a score app for the 'Wiezen' card game.Using examples straight from the card table, we will delve into the depths of event sourcing and CQRS, comparing them to more traditional approaches that rely on an ORM.We will uncover the signs in your own database that indicate where event sourcing can bring added value. I will also provide you with some tips and pointers, should you decide to embark on your own event sourcing adventure. Filip Van Reeth - WordPress API; "Are you talking to me?" What if the WordPress API could be one of your best friends? What kind of light-hearted or profound requests would it share with you? In this talk, I would like to introduce you to it and ensure that you become best friends so that together you can have many more pleasant conversations (calls). Wanna be friends? Please note that the event or talks will be conducted in Dutch. Want to give a talk? Send us your proposal at meetup.herentals@iodigital.com 18:00 - 19:00: Food/Drinks/Networking 19:00 - 21:00: Talks 21:00 - 22:00: Networking Thursday 30th of May, 18h00 - 22h00 CET iO Campus Herentals, Zavelheide 15, Herentals

    | Coven of Wisdom Herentals

    Go to page for Coven of Wisdom - Herentals - Spring `24 edition

Share