7. motivation
● Sharing Documents
● Over TCP
● Text Base Protocol
● Stateless
version
● HTTP/0.9
● HTTP/1.0
● HTTP/1.1
○ Keep-Alive
○ Pipelining
HTTP / 1.1
8. CLIENT SERVER
Req / Res on HTTP/1.1
Text Base Protocol
GET /index.html HTTP/1.1
Host: example.org
Accept: text/html
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 35
<!DOCTYPE html>
<title>hello</title>
12. HTTP ?
● Simple
○ text base, easy scaling etc
○ good for document sharing
○ but Good for Now ?
● now “Web” is
○ Plat Form (not only document sharing)
○ Ajax, WebSocket…
○ tons of JS, CSS, Images...
○ PC, Mobile, Tablet, TV, Game …
● needs
○ more speed
○ more efficiency
○ more secure
22. Server Push
// index.html
<html>
<script src=”a.js”
/>
<link rel=”b.css” />
<img src=”c.png” />
</html>
server pushes
a.js, b.css, c.png
while processing
index.html
pushed resources are
cached in browser
and cache hit when
browser need it.
24. SPDY
● Google’s Original Protocol
○ Google has both server & client
● Widely Deployed
○ twitter
○ facebook
○ LINE
● SPDY/4 discussing
○ websocket over spdy etc
● CRIME attack
○ disable header compression
○ need another compression
28. specs
● working on github !
○ https://github.com/http2/http2-spec
● draft
○ http://tools.ietf.org/wg/httpbis/draft-ietf-httpbis-http2/
● current (2013/8/28)
○ http://tools.ietf.org/html/draft-ietf-httpbis-http2-06
● ML
○ http://lists.w3.org/Archives/Public/ietf-http-wg/
○ https://www.ietf.org/mailman/listinfo/http-devops (new)
29. HTTP/2.0 draft-06
● Multiplexing (same as spdy)
● Server Push (same idea as spdy)
● ALPN / Upgrade
● Binary Frames
● Header Compression
30. Starting HTTP2.0 (1/2 step)
● “http://”
○ Upgrade Header like websocket
● “https://”
○ ALPN (application layer protocol
negotiation)
○ not NPN like spdy
● Known Supported
○ prior knowledge from DNS or so
○ may immediately send http2.0 frame
32. Starting HTTP2.0 (2/2 step)
● sending connection header
○ make sure peer supports http2.0
● with Magic Octets
505249202a20485454502f322e300d0a0d0a534d0d0a0d0a
PRI * HTTP/2.0
rnrn
SM
rnrn
invalid
Method PRI
2 new line
for parser
33. Frame Type
● DATA
● HEADERS
● PRIORITY
● RST_STREAM
● SETTINGS
● PUSH_PROMISE
● PING
● GOAWAY
● WINDOW_UPDATE
● CONTINUATION
Changed from
SPDY/3
37. Server Push(2)
CLIENT SERVER
HEADERS (stream_id=1)
- END_STREAM
+ END_HEADERS
:status = 200
content-type = text/html
content-length = 33
DATA (stream_id=1)
+ END_STREAM
<html>
<img src=”a.png”>
</html>
cache hit !!
Response
38. HPAC (header compression)
● HTTP Header
○ Text Base
○ Long Name
○ Send multiple time
● SPDY compression
○ CRIME
● HPAC
○ send diff
○ using binary
● HPAC component
○ Header Table
○ Reference Set
39. Header Table
Index Header Name Header Value
0 :scheme http
1 :scheme https
2 :host
3 :path /
4 :method GET
5 accept
6 accept-charset
7 accept-encoding
... ...
29 via
Index Header Name Header Value
0 :status 200
1 age
2 cache-control
3 content-length
4 content-type
5 date
6 etag
7 expires
... ...
29 www-authenticate
Request Header Table Response Header Table
40. Header Representation
● Indexed Header Representation
● Literal Header Representation
○ Literal Header without Indexing
○ Literal Header with Incremental Indexing
○ Literal Header with Substitution Indexing
41. HPAC example (1/3)
CLIENT SERVER
Use index 0
0x80 (indexed header, index = 0)
Use index 4
0x84 (indexed header, index = 4)
Use index 2
with replace "example.org"
0x03 (literal header, substitution indexing,
name index = 2)
0x02 (replaced entry index = 2)
0x0B (header value string length = 11)
“example.org”
Use index 3
with replace "/index.html"
0x04 (literal header, substitution indexing,
name index = 3)
0x03 (replaced entry index = 3)
0x0B (header value string length = 11)
“/index.html”
0 :scheme http
1 :scheme https
2 :host exampl
e.com
3 :path /index.
html
4 :method GET
0 :scheme http
1 :scheme https
2 :host
3 :path /
4 :method GET
reference set
:scheme https
:host example.org
:path /index.html
:method GET
reference set
GET /index.html
50byte -> 30byte
42. HPAC example (2/3)
CLIENT SERVER
Use index 3
with replace "/client.js"
0x04 (literal header, substitution indexing,
name index = 3)
0x03 (replaced entry index = 3)
0x0B (header value string length = 10)
“/client.js”
0 :scheme http
1 :scheme https
2 :host examp,
e.org
3 :path /client.js
4 :method GET
0 :scheme http
1 :scheme https
2 :host exampl
e.org
3 :path /inde.
html
4 :method GET
reference set
:scheme https
:host example.org
:path /client.js
:method GET
reference set
:scheme https
:host example.org
:path /index.html
:method GET
GET /client.js
49byte -> 13byte
43. HPAC example (3/3)
CLIENT SERVER
0 :scheme http
1 :scheme https
2 :host examp,
e.org
3 :path /index.
html
4 :method GET
0 :scheme http
1 :scheme https
2 :host example
.org
3 :path /client.js
4 :method GET
reference set
:scheme https
:host example.org
:path /client.js
:method GET
reference set
:scheme https
:host example.org
:path /client.js
:method GET
GET /client.js
49byte -> 0byte
44. implementations
● nghttp2 C
● http2-katana C#
● node-http2 NodeJS
● Mozilla C++
● http2-perl Perl
● iij-http2 NodeJS
● Akamai Ghost C++
● Chromium C++
● Hasan's GFE C++
● Twitter Java
see: https://github.com/http2/http2-spec/wiki/Implementations