Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
capacitor-eventsource
Advanced tools
Native SSE (EventSource) Plugin for Capacitor
Because of the way Capacitor plugins are designed, it does not exactly follow the format/signature of the "real" browser EventSource API, but it works similarly.
Installation
npm install capacitor-eventsource
npx cap sync
On iOS or for pure-web use, no further steps are needed.
Android Installation
On Android, update your main activity to pull in the EventSource plugin:
import com.raccoonfink.plugins.eventsource.EventSource;
public class MainActivity extends BridgeActivity {
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
// Initializes the Bridge
this.init(savedInstanceState, new ArrayList<Class<? extends Plugin>>() {{
// Additional plugins you've installed go here
// Ex: add(TotallyAwesomePlugin.class);
add(EventSource.class);
}});
}
}
Usage
EventSource.configure({
url: 'https://my-sse-url/',
reconnectTime: 1000,
maxReconnectTime: 60000,
idleTimeout: 30000,
});
EventSource.addListener('open', (openResult) => {
console.debug('Connection opened.');
});
EventSource.addListener('message', (messageResult) => {
console.info('I got a message: ' + messageResult.message);
});
EventSource.addListener('error', (errorResult) => {
console.error('Uh-oh: ' + errorResult.error);
});
EventSource.addListener('readyStateChanged', (readyStateChangedResult) => {
console.debug('Ready state changed: ' + readyStateChangedResult.state);
});
Parameters
note: all times are in milliseconds
- url: required the URL to connect to
- reconnectTime: time to reconnect after the first failure (iOS/Android)
- maxReconnectTime: maximum amount of time to wait until attempting a reconnect (iOS/Android)
- idleTimeout: maximum amount of time between receiving any data before considering the connection to have timed out (iOS/Android)
FAQs
EventSource (SSE) API for Capacitor
We found that capacitor-eventsource demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 28 Jun 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026