Add HTTP2 toggling for Nginx and option for HTTP2 over HTTP#456
Add HTTP2 toggling for Nginx and option for HTTP2 over HTTP#456
Conversation
|
need to double check Apache has mod_http2 enabled by default |
andytson-inviqa
force-pushed
the
feature/http2-toggle
branch
from
e905379 to
f86c687
Compare
andytson-inviqa
changed the title
|
Turns out Ubuntu hasn't packaged mod_http2 for Apache, so I've removed the config for it |
Nginx already had HTTP2 enabled Latter is disabled by default as: * Nginx doesn't support H2C, so is unable to negotiate HTTP version, so instead uses a different env var toggle * H2C isn't supported by browsers, so has limited use
andytson-inviqa
force-pushed
the
feature/http2-toggle
branch
from
f86c687 to
3d7408a
Compare
|
There is no risks for existing websites to enable HTTP/2.0, right? Also, does this mean we cannot enable HTTP2 for HTTP & HTTPS? |
|
We already have HTTP2 enabled for nginx image, so any risk was already there. Enabling HTTP2 on http port though is way too risky though as it will stop http 1.1 in Nginx. |
| WEB_HTTPS_OFFLOADED | Whether the HTTPS traffic has been forwarded without SSL to the HTTPS port | true/false | false | ||
| WEB_HTTPS_ONLY | Whether to redirect all HTTP traffic to HTTPS | true/false | $WEB_HTTPS (deprecated: if $WEB_HTTPS=true then false) | ||
| WEB_HTTP2 | Whether to enable HTTP2 over TLS on HTTPS port. If WEB_HTTPS_OFFLOADED enabled then this is ignored due to Nginx not supporting h2c | true/false | true | ||
| WEB_HTTP2_ONLY_HTTP | Whether to enable HTTP2 over plaintext on HTTP port (or HTTPS if WEB_HTTPS_OFFLOADED enabled). Nginx doesn't support h2c for plain HTTP protocol so will not support HTTP 1.1/1.0 if enabled | true/false | false |
There was a problem hiding this comment.
I wanted to make it clear it would only do http2, not http 1.1, hence ONLY
There was a problem hiding this comment.
happy to go with a different variable name though, just still keeping it clear at the same time
There was a problem hiding this comment.
WEB_HTTPS_HTTP2
WEB_HTTP_HTTP2_ONLY
?
There was a problem hiding this comment.
hmm, although that doesn't indicate that WEB_HTTPS in WEB_HTTPS_OFFLOADED enabled won't get WEB_HTTPS_HTTP2
There was a problem hiding this comment.
mind = 💥
So, we agree that this flag will configure if HTTP/2.0 is enabled on the non-secure HTTP port?
If yes, what about:
WEB_HTTP2_ON_HTTP_PORTWEB_HTTP2_ON_NON_SECURE_HTTP
IMHO, we don't care about the "only" as it's in the documentation (i.e. README file)
There was a problem hiding this comment.
WEB_HTTP2_TLS
WEB_HTTP2_PLAINTEXT_NONBC
andytson-inviqa
force-pushed
the
feature/http2-toggle
branch
from
6dfbe02 to
47f3d7c
Compare
andytson-inviqa
force-pushed
the
feature/http2-toggle
branch
from
47f3d7c to
ac0eac9
Compare
3 participants
Nginx already had HTTP2 enabled
Latter is disabled by default as: