diff --git a/subiquity/common/api/server.py b/subiquity/common/api/server.py
index 2420f906..3e70ccf2 100644
--- a/subiquity/common/api/server.py
+++ b/subiquity/common/api/server.py
@@ -14,6 +14,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import inspect
+import json
 import logging
 import os
 import traceback
@@ -173,7 +174,10 @@ def _make_handler(
                     headers={
                         "x-status": "error",
                         "x-error-type": type(exc).__name__,
-                        "x-error-msg": str(exc),
+                        # aiohttp will reject a header if its value contains a
+                        # "\r" or "\n" character. By using compact JSON, we
+                        # ensure those characters are escaped.
+                        "x-error-msg": json.dumps(str(exc), indent=None),
                     },
                 )
                 resp["exception"] = exc
diff --git a/subiquity/common/api/tests/test_server.py b/subiquity/common/api/tests/test_server.py
index 460541f6..0dcc74b5 100644
--- a/subiquity/common/api/tests/test_server.py
+++ b/subiquity/common/api/tests/test_server.py
@@ -122,7 +122,7 @@ class TestBind(unittest.IsolatedAsyncioTestCase):
             self.assertEqual(resp.headers["x-status"], "error")
             self.assertEqual(resp.headers["x-error-type"], "TypeError")
             self.assertEqual(
-                resp.headers["x-error-msg"], 'missing required argument "arg"'
+                resp.headers["x-error-msg"], '"missing required argument \\"arg\\""'
             )
 
     async def test_error(self):