HTTP ( Hyper Text Transfer Protocol ) is the top application layer protocol atop the Tarnsport layer ( TCP ) and the Network layer ( IP ).
HTTP/1.1
HTTP/1.1 was released in 1997. HTTP/1 allowed only 1 req at a time. But HTTP/1.1 allows one one outstanding connection on a TCP session but allowed request pieplinig to achieve concurency.
HTTP/2
HTTP/2 was released in 2015, it aimed at reducing latency while delivering heavy graphics, videos and other media cpmponents on web page especially on mobile sites .
optimizes server push and service workers.
Features
- Header compression (HPACK)
- reuse connection TCP connection
- All frames (e.g. HEADERS, DATA, etc) are sent over single TCP connection
- Binary framing layer
- Prioritization
- Flow control
- Server push
- Request → Stream
- Streams multiplexed
- Streams prioritized
- (+) low latency / iproves end user perceived latency
- (+) retain semantics of HTTP1.1
FRAMES
A key differenet between HTTP/1.1 and HTTP/2 is the fact that former transmites requests and reponses in plaintext whereas the later encapsulates them into binary format, proving more features and scope for optimzation. Thus at protocol level, it is all about frames of bytes which are part of stream.
- HTTP messages are decomposed into one or more frames
- HEADERS for meta-data (9-byte, length prefixed)
- DATA for payload
- RST_STREAM to cancel
- …..
“enables a more efficient use of network resources and a reduced perception of latency by introducing header field compression and allowing multiple concurrent exchanges on the same connection. It also introduces unsolicited push of representations from servers to clients.”
Hypertext Transfer Protocol Version 2 (HTTP/2) draft-ietf-httpbis-http2-latest
https://http2.github.io/http2-spec/
It is important to know that Browsers only implement HTTP/2 under HTTPS, thus TLS connection is must for whichw e need certs ad keys signed by CA ( either self signed using openssl , signed by public CA like godaddy , verisign or letsencrypt).
Data Flow
DATA frames are subject to per-stream and connection flow control
- Flow control allows the client to pause stream delivery, and resume it later
Compatibility Layer between HTTP1.1 and HTTP2.0 in node
Nodejs >9 provides http2 as native module. Exmaple of using http2 with compatibility layer
const http2 = require('http2');
const options = {
key: 'ss/key', // path to key
cert: 'ssl/cert' // path to cert
};
const server = http2.createSecureServer(options, (req, res) => {
req.addListener('end', function () {
file.serve(req, res);
}).resume();
});
server.listen(8084);
in replacement for existing server http/https server
const https = require('https');
app = https.createServer(options, function (request, response) {
request.addListener('end', function () {
file.serve(request, response);
}).resume();
});
app.listen(8084);
Socket.io/ Websocket over HTTP2
The WebSocket Protocol uses the HTTP/1.1 Upgrade mechanism to transition a TCP connection from HTTP into a WebSocket connection
Due to its multiplexing nature, HTTP/2 does not allow connection-wide header fields or status codes, such as the Upgrade and Connection request-header fields or the 101 (Switching Protocols) response code. These are all required for opening handshake.
Ideally the code shouldve looekd like this with backward compatiability layer , but continue reading update ..
var app = http2
.createSecureServer(options, (req, res) => {
req.addListener('end', function () {
file.serve(req, res);
}).resume();
})
.listen(properties.http2Port);
var io = require('socket.io').listen(app);
io.origins('*:*');
io.on('connection', onConnection); // evenet handler onconnection
Error during WebSocket handshake: Unexpected response code: 403
update May 2020 : I tried using the http2 server with websocket like mentioned above ,h owever many many hours of working around WSS over HTTP2 secure server , I consistencly kept faccing the ECONNRESET issues after couple of seconds , which would crash the server
Therefore leaving the web server to server htmll conetnt I reverted the siganlling back to HTTPs/1.1 given the reasons for sticking with WSS is low latency and existing work that was already put in.
Example Repo : https://github.com/altanai/webrtcdevelopment/tree/htt2.0
Reading Further of exploring HTTP CONNECT methods for setting WS handshake . Will update this section in future if it works .
Streams
A “stream” is an independent, bidirectional sequence of frames exchanged between the client and server within an HTTP/2 connection.
A single HTTP/2 connection can contain multiple concurrently open streams, with either endpoint interleaving frames from multiple streams.
Core http2 module provides new core API (Http2Stream), accessed via a “stream” listener:
const http2 = require('http2');
const options = {
key: 'ss/key', // path to key
cert: 'ssl/cert' // path to cert
};
const server = http2.createSecureServer(options, (stream, headers) => {
stream.respond({ ':status': 200 });
stream.end('some text!');
});
server.listen(3000);
Other features
- stream multiplexing
- stream Prioritization
- header compression
- Flow Control
- support for trailer
Persistent , one connection per origin.
With the new binary framing mechanism in place, HTTP/2 no longer needs multiple TCP connections to multiplex streams in parallel; each stream is split into many frames, which can be interleaved and prioritized. As a result, all HTTP/2 connections are persistent, and only one connection per origin is required,
Server Push
bundling multiple assets and resources into a single HTTP/2 and lets the srever proactively push resources to client’s cache .
Server issues PUSH_PROMISE , client validates whether it needs the resource of not. If the client matches it then they will load like regular GET call
The PUSH_PROMISE frame includes a header block that contains a complete set of request header fields that the server attributes to the request.
After sending the PUSH_PROMISE frame, the server can begin delivering the pushed response as a response on a server-initiated stream that uses the promised stream identifier.
Client receives a PUSH_PROMISE frame and can either chooses to accept the pushed response or if it does not wish to receive the pushed response from the server it can can send a RST_STREAM frame, using either the CANCEL or REFUSED_STREAM code and referencing the pushed stream’s identifier.
Push Stream Support
-tbd
respondWithFile() and respondWithFD() APIs can send raw file data that bypasses the Streams API.
Related technologies
MIME
Multipurpose Internet Mail Extensions (MIME) is an Internet standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs. Message bodies may consist of multiple parts, and header information may be specified in non-ASCII character sets.
Email messages + MIME : transmitted with standard protocols, such as the Simple Mail Transfer Protocol (SMTP), the Post Office Protocol (POP), and the Internet Message Access Protocol (IMAP).
MIME in HTTP in WWW : servers insert a MIME header field at the beginning of any Web transmission. Clients use the content type or media type header to select an appropriate viewer application for the type of data indicated. Browsers typically contain GIF and JPEG image viewers.
MIME header fields
- MIME version
MIME-Version: 1.0
- Content Type
Content-Type: text/plain
multipart/mixed , text/html, image/jpeg, audio/mp3, video/mp4, and application/msword
- content disposition
Content-Disposition: attachment; filename=genome.jpeg;
modification-date="Wed, 12 Feb 1997 16:29:51 -0500";
- Content-Transfer-Encoding
TLS + HTTP/2
References :
- [1] google- https://developers.google.com/web/fundamentals/performance/http2
- [2] HTTP2 spec – https://http2.github.io/http2-spec/
- [3] stackoverflow – https://stackoverflow.com/questions/28582935/does-http-2-make-websockets-obsolete
- [4] RFC 6455 – https://tools.ietf.org/html/rfc6455 The WebSocket Protocol
- [5] RFC 8441 Bootstrapping WebSockets with HTTP/2
- [6] RFC 7540 Hypertext Transfer Protocol Version 2 (HTTP/2)
- [7] google Slides on HTTP/2 is here, let’s optimize! by +Ilya Grigorik
- [8] High Performance Browser Networking © ILYA GRIGORIK https://hpbn.co/
Telecom R & D 