On 2023-08-06 21:53, chenpinji@xxxxxxxxxxx wrote:> Hi! I add h2c to my protocol configuration. It comes to "Protocols h2> h2c http/1.1". Nevertheless, Apache still disabled my origin server push> stream.What is your "origin server"? Is the "push stream" validly formatted?What do the logs on *both* servers say about it?It seems that Apache never put this into production.I'll leave that up to one of the developers -- this is the "user" list.We stopped even considering it when Chrome announced quite openly thatthey would not support it.PaulPUSH> PROMISE STREAM is one of the most important characteristics of http/2> defined in RFC. So, I wonder what is the reason behind. Maybe there is> no std library to use? I would be quite grateful if you let me know the> considerations>> ------------------------------------------------------------------------> chenpinji@xxxxxxxxxxx>> *From:* Stormy <mailto:stormy22@xxxxxxxxx>> *Date:* 2023-08-07 03:41> *To:* users <mailto:users@xxxxxxxxxxxxxxxx>> *Subject:* Re: Can apache2 reverse proxy forward> HTTP/2 server push?> On 2023-08-06 05:36, chenpinji@xxxxxxxxxxx wrote:> > Hi! I'm using apache2 as a reverse proxy of my HTTP/2 origin> server. My origin server has some assets to push, however, apache2> disabled the push stream (PUSH PROMISE STREAM) in the test. I have> searched for reasons on RFC, it shows that "SETTINGS_ENABLE_PUSH> (0x2): This setting can be used to disable server push (Section> 8.2)". Therefore, I wonder how to set apache2 to enable the origin> server push(not in a Link Header manner). Can apache2 handle PUSH> PROMISE FRAME or forward server push? It would help to give me some> instructions, the core of my configuration of apache2 is below:> > ############################> > <VirtualHost *:443>> > Protocols h2 http/1.1> > ServerName www.xxx.com> > SSLEngine on> > SSLProxyEngine on> > #SSLProxyVerify none> > SSLProxyCheckPeerCN off> > SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1> > #SSLProxyCheckPeerName off> > #SSLProxyCheckPeerExpire off> > ProxyRequests Off> > ProxyPass / h2://127.0.0.1:8443/> > ProxyPassReverse /http://127.0.0.1:8443/ <http://127.0.0.1:8443/>> > SSLCertificateFile /path/to/fullchain.cer> > SSLCertificateKeyFile /path/to/example.key> I could be wrong (we never put it into production), but I have a note> concerning the need for "protocol" h2c as well as h2, otherwise TCP is> not recognized. We came to the conclusion (as did chrome who> dropped it> last year <https://chromestatus.com/feature/6302414934114304>) that> client cache and push were probably not compatible with latency, but> YMMV.> See: Protocols h2 h2c http/1.1 at> <https://httpd.apache.org/docs/2.4/howto/http2.html>> Paul> ---------------------------------------------------------------------> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx>---------------------------------------------------------------------To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxxFor additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|