On 2023-08-06 21:53, chenpinji@xxxxxxxxxxx wrote:
Hi! I add h2c to my protocol configuration. It comes to "Protocols h2 h2c http/1.1". Nevertheless, Apache still disabled my origin server push stream.
What is your "origin server"? Is the "push stream" validly formatted? What do the logs on *both* servers say about it?
It seems that Apache never put this into production.I'll leave that up to one of the developers -- this is the "user" list. We stopped even considering it when Chrome announced quite openly that they would not support it.
Paul PUSH
PROMISE STREAM is one of the most important characteristics of http/2
defined in RFC. So, I wonder what is the reason behind. Maybe there is
no std library to use? I would be quite grateful if you let me know the
considerations
------------------------------------------------------------------------
chenpinji@xxxxxxxxxxx
*From:* Stormy <mailto:stormy22@xxxxxxxxx>
*Date:* 2023-08-07 03:41
*To:* users <mailto:users@xxxxxxxxxxxxxxxx>
*Subject:* Re: Can apache2 reverse proxy forward
HTTP/2 server push?
On 2023-08-06 05:36, chenpinji@xxxxxxxxxxx wrote:
> Hi! I'm using apache2 as a reverse proxy of my HTTP/2 origin
server. My origin server has some assets to push, however, apache2
disabled the push stream (PUSH PROMISE STREAM) in the test. I have
searched for reasons on RFC, it shows that "SETTINGS_ENABLE_PUSH
(0x2): This setting can be used to disable server push (Section
8.2)". Therefore, I wonder how to set apache2 to enable the origin
server push(not in a Link Header manner). Can apache2 handle PUSH
PROMISE FRAME or forward server push? It would help to give me some
instructions, the core of my configuration of apache2 is below:
> ############################
> <VirtualHost *:443>
> Protocols h2 http/1.1
> ServerName www.xxx.com
> SSLEngine on
> SSLProxyEngine on
> #SSLProxyVerify none
> SSLProxyCheckPeerCN off
> SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
> #SSLProxyCheckPeerName off
> #SSLProxyCheckPeerExpire off
> ProxyRequests Off
> ProxyPass / h2://127.0.0.1:8443/
> ProxyPassReverse /http://127.0.0.1:8443/ ; <http://127.0.0.1:8443/>
> SSLCertificateFile /path/to/fullchain.cer
> SSLCertificateKeyFile /path/to/example.key
I could be wrong (we never put it into production), but I have a note
concerning the need for "protocol" h2c as well as h2, otherwise TCP is
not recognized. We came to the conclusion (as did chrome who
dropped it
last year <https://chromestatus.com/feature/6302414934114304>) that
client cache and push were probably not compatible with latency, but
YMMV.
See: Protocols h2 h2c http/1.1 at
<https://httpd.apache.org/docs/2.4/howto/http2.html>
Paul
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|