From: William A. Rowe Jr Date: Thu, 19 Nov 2015 20:18:26 +0000 (+0000) Subject: Regenerate X-Git-Tag: 2.5.0-alpha~2633 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=57a17302db1a483b41b239b16c3c58277d45cac7;p=thirdparty%2Fapache%2Fhttpd.git Regenerate git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1715265 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_http2.html.en b/docs/manual/mod/mod_http2.html.en index 88d7b4fb3b8..3255b8fef10 100644 --- a/docs/manual/mod/mod_http2.html.en +++ b/docs/manual/mod/mod_http2.html.en @@ -63,6 +63,7 @@
  • H2MaxWorkers
  • H2MinWorkers
  • H2ModernTLSOnly
    • +
  • H2Push
  • H2SerializeHeaders
  • H2SessionExtraFiles
  • H2StreamMaxMemSize
    • @@ -78,7 +79,7 @@ - + @@ -97,8 +98,22 @@ use on TLS connections not mandated by the standard.

    - This mode only has an effect when h2 or h2c is enabled via - the <Protocols>. + When a server/vhost does not have h2 or h2c enabled via + <Protocols>, + the connection is never inspected for a HTTP/2 preamble. H2Direct + does not matter then. This is important for connections that + use protocols where an initial read might hang indefinitely, such + as NNTP. +

    +

    + For clients that have out-of-band knowledge about a server + supporting h2c, direct HTTP/2 saves the client from having to + perform an HTTP/1.1 upgrade, resulting in better performance + and avoiding the Upgrade restrictions on request bodies. +

    +

    + This makes direct h2c attractive for server to server communication + as well, when the connection can be trusted or is secured by other means.

    Example

    H2Direct on
    @@ -204,8 +219,8 @@

    The name stems from the Security/Server Side TLS - definitions at mozilla where "modern compatiblity" is defined. Mozilla Firefox and - other browsers require modern compatiblity for HTTP/2 connections. As everything + definitions at mozilla where "modern compatibility" is defined. Mozilla Firefox and + other browsers require modern compatibility for HTTP/2 connections. As everything in OpSec, this is a moving target and can be expected to evolve in the future.

    @@ -221,6 +236,66 @@

    Example

    H2ModernTLSOnly off
    + +
    top
    +

    H2Push Directive

    +
    Description:H2 Direct Protocol Switch
    Syntax:H2Direct on|off
    Default:H2Direct on for http:, off for https: requests
    Default:H2Direct on for h2c, off for h2 protocol
    Context:server config, virtual host
    Status:Extension
    Module:mod_http2
    + + + + + + +
    Description:H2 Server Push Switch
    Syntax:H2Push on|off
    Default:H2Push on
    Context:server config, virtual host
    Status:Extension
    Module:mod_http2
    +

    + This directive toggles the usage of the HTTP/2 server push + protocol feature. This should be used inside a + <VirtualHost> + section to enable direct HTTP/2 communication for that virtual host. +

    +

    + The HTTP/2 protocol allows the server to push other resources to + a client when it asked for a particular one. This is helpful + if those resources are connected in some way and the client can + be expected to ask for it anyway. The pushing then saves the + time it takes the client to ask for the resources itself. On the + other hand, pushing resources the client never needs or already + has is a waste of bandwidth. +

    +

    + Server pushes are detected by inspecting the Link headers of + responses (see https://tools.ietf.org/html/rfc5988 for the + specification). When a link thus specified has the rel=preload + attribute, it is treated as a resource to be pushed. +

    +

    + Link headers in responses are either set by the application or + can be configured via mod_headers as: +

    +

    mod_headers example

    <Location /index.html>
+    Header add Link "</css/site.css>;rel=preload"
+    Header add Link "</images/logo.jpg>;rel=preload"
+</Location>
    +
    +

    + As the example shows, there can be several link headers added + to a response, resulting in several pushes being triggered. There + are no checks in the module to avoid pushing the same resource + twice or more to one client. Use with care. +

    +

    + HTTP/2 server pushes are enabled by default. This directive + allows it to be switch off on all resources of this server/virtual + host. +

    +

    Example

    H2Push off
    +
    +

    + Last but not least, pushes happen only when the client signals + its willingness to accept those. Most browsers do, some, like Safari 9, + do not. +

    +
    top

    H2SerializeHeaders Directive

    @@ -259,7 +334,7 @@

    This directive sets maximum number of extra file handles a HTTP/2 session is allowed to use. A file handle is counted as - extra when it is transfered from a h2 worker thread to + extra when it is transferred from a h2 worker thread to the main HTTP/2 connection handling. This commonly happens when serving static files.

    @@ -318,7 +393,7 @@

    See <H2TLSWarmUpSize> for a description of TLS warmup. H2TLSCoolDownSecs reflects the fact - that connections may detoriate over time (and TCP flow adjusts) + that connections may deteriorate over time (and TCP flow adjusts) for idle connections as well. It is beneficial to overall performance to fall back to the pre-warmup phase after a number of seconds that no data has been sent. @@ -329,7 +404,7 @@

    The following example sets the seconds to zero, effectively disabling - any cooldown. Warmed up TLS connections stay on maximum record + any cool down. Warmed up TLS connections stay on maximum record size.

    Example

    H2TLSCoolDownSecs 0
    @@ -374,7 +449,7 @@

    In deployments where servers are reached locally or over reliable connections only, the value might be decreased with 0 disabling - any warmup phase alltogether. + any warmup phase altogether.

    The following example sets the size to zero, effectively disabling @@ -389,7 +464,7 @@ - + @@ -409,8 +484,15 @@

    This method of protocol switching is enabled by default on cleartext - (http:) connections and disabled on TLS (https:), as mandated - by RFC 7540. + (potential h2c) connections and disabled on TLS (potential h2), + as mandated by RFC 7540. +

    +

    + Please be aware that Upgrades are only accepted for requests + that carry no body. POSTs and PUTs with content will never + trigger an upgrade to HTTP/2. + See <H2Direct> for an + alternative to Upgrade.

    This mode only has an effect when h2 or h2c is enabled via

    Description:H2 Upgrade Protocol Switch
    Syntax:H2Upgrade on|off
    Default:H2Upgrade on for http:, off for https: requests
    Default:H2Upgrade on for h2c, off for h2 protocol
    Context:server config, virtual host
    Status:Extension
    Module:mod_http2