4. @readlearncode readlearncode.com
• Why Do We Need HTTP/2
• Workarounds to HTTP1.1
• HTTP Sockets
• Topline HTTP/2 Features
• Servlet 4.0 Features
• Server Support
• Status Update
• Extract Bits
• Q&A
What’s on?
6. @readlearncode readlearncode.com
• Increase perceived performance of web
• HTTP protocol not suitable
• Since April 2011 average web page size
• increased by over 300%
• The problem with HTTP/1.1
300%
Source: HTTPArchive.com
Why Do We Need HTTP/2?
The Goal of HTTP/2
7. @readlearncode readlearncode.com
• Requests resources in parallel HTTP 1.0
• One request per TCP connection
• HTTP1.1 Pipelining: multiple requests
• Responds in sequence
• Delay causes head-of-line blocking
How a browser loads a webpage?
open
close
client server
no pipelining
index.html
style_1.css
logo.jpg
open
close
client server
pipelining
time
index.html
style_1.css
logo.jpg
Why Do We Need HTTP/2?
9. @readlearncode readlearncode.com
• Multiple connections
• Acceptable but has issues
• TCP sockets expensive
• Browser max connections
Workarounds to HTTP1.1
Solution to Head-Of-Line Blocking
open
close
client server
connection 1
style_1.css
open
close
client server
connection 2
javaScript_1.js
open
close
client server
connection 3
image_1.png
13. @readlearncode readlearncode.com
• One image file consists of many smaller images
Workarounds to HTTP1.1
Image Sprite Sheet
Image sprites from Amazon, Google and Facebook.
18. @readlearncode readlearncode.com
HTTP Sockets
All connections now operate as one connection
open
close
client server
open
close
client server
open
close
client server
open
close
client server
open
close
client serveropen
close
client server
20. @readlearncode readlearncode.com
• HTTP/2 is comprised of two specifications
• Hypertext Transfer Protocol version 2 - RFC7540
• HPACK - Header Compression for HTTP/2 - RFC7541
• Binary Protocol Based on Frames
Topline HTTP/2 Features
What’s new
22. @readlearncode readlearncode.com
• Most important feature
• Request and response is multiplexed
• Fully bi-directional communication
• Concepts
• Connection - A TCP socket
• Stream – A channel of communication
• Message – A request/response and control message
• Frame –The smallest unit within a communication
• Resolves head-of-line blocking
• Communication broken down into frames
• Frames facilitate interweaving the logical stream
Topline HTTP/2 Features
Request/Response Multiplexing
24. @readlearncode readlearncode.com
• Interweave the logical stream over a single TCP
• Stream 3 send header then body and server responds with
stream 2 before it receives completed stream 3
Topline HTTP/2 Features
Request/Response Multiplexing
STREAM 1
HEADERS
STREAM 3
DATA
STREAM 1
DATA
STREAM 2
HEADERS
STREAM 3
HEADERS
STREAM 2
DATA
browser server
25. @readlearncode readlearncode.com
• Decomposition of the frame
• Type fields can be
• HEADERS corresponds to the HTTP headers
• DATA corresponds to the HTTP request body
• PUSH_PROMISE server notifies of push intent
• RST_STREAM notifying error, client rejects push
• PRIORITY specifies stream priority
• SETTING, PING, GOAWAY, WINDOW_UPDATE, CONTINUATION
Topline HTTP/2 Features
Binary Framing
LENGTH (24)
TYPE (8) FLAGS (8)
R STREAM IDENTIFIER (31)
FRAME PAYLOADS (0.. n)
26. @readlearncode readlearncode.com
• Mapping the HTTP Request to Frames
Topline HTTP/2 Features
Header Compression
HTTP request Header Frame
GET /index.html HTTP/1.1
Host: example.com
Accept: text/html
HEADERS
- END_STREAM
+ END_HEADERS
:method: GET
:scheme: http
:path: /index.html
:authority: example.com
accept: text/html
27. @readlearncode readlearncode.com
• Mapping the HTTP Response to Frames
Topline HTTP/2 Features
Header Compression
HTTP response Frames
HTTP/1.1 200 OK
Content-Length: 11
Content-Type: text/html
May The Force Be With You
HEADERS
- END_STREAM
+ END_HEADERS
:status: 200
content-length: 11
content-type: text/html
DATA
+ END_STREAM
May The Force Be With You
29. @readlearncode readlearncode.com
• Attach priority information to streams
• Priority located in the header frame or the priority frame
• Only a suggestion to the server
Topline HTTP/2 Features
Stream Prioritization
B D C
A
2 14 10
B C
A
4 8
30. @readlearncode readlearncode.com
• Eliminate the need for resource inlining
• The sever can proactively send resources to the client
• Client can reject PUSH_PROMISE by responding
RST_STREAM
Topline HTTP/2 Features
Server Push
32. @readlearncode readlearncode.com
Servlet 4.0 Features
Server Push
• Most visible improvements in servlets
• Best place to know what resources a request needs
• Not a replacement for websockets
34. @readlearncode readlearncode.com
• Browser requests index.html
• Server discovers need for css and js
• Get PushBuilder from HTTP request
• Set path to css and invoke push
• Set path to js and invoke push
• Then responds with index.html
• The PushBuilder can be reused
Servlet 4.0 Features
Typical Journey
35. @readlearncode readlearncode.com
Servlet 4.0 Features
PushBuilder Dive Deeper
• Constructed with request method set to GET by default
• Conditional, range, expectation, authorization and request headers
are removed
• Cookies are only added if the maxAge has not expired
• Only required setting is the URI path to the resource
• Must be set before every call to push()
38. @readlearncode readlearncode.com
• Web framework use case most important
• Dependent on knowing the resources the client requires
• Frameworks best placed to take advantage of server push
• JSF users get server push for free
Servlet 4.0 Features
JSF Use Case
39. @readlearncode readlearncode.com
• SETTINGS_ENABLE_PUSH clients disable server push
• RST_STREAM rejects cached resources
• Servlet containers must honour request to not receive
Servlet 4.0 Features
Disable/Reject Server Push
40. @readlearncode readlearncode.com
• Perfectly backward compatible
• Rework to take advantage of Server Push
• Consider removing frontend HTTP 1.1 workarounds
• JSF developers get it for free
Servlet 4.0 Features
Backward Compatible
42. @readlearncode readlearncode.com
• GlassFish 5.0 (nightly)
Reference implementation
• Payara 5.0
Has a branch for Java EE 8 development
• Jetty Stable-9 (9.4.5.v20170502)
org.eclipse.jetty.servlets.PushCacheFilter/PushBuilder
Server Implementation
Servlet Support
43. @readlearncode readlearncode.com
• WildFly 10 (Undertow)
Initial PushBuilder support implemented in Undertow master
• Tomcat 9.0.0.M20
PushBuilder support in thejavax.servlets.http package
• Netty 4.1
HTTP/2 implementation takes full advantage of headline
features
Server Implementation
Servlet Support
47. @readlearncode readlearncode.com
• The goal of HTTP/2 is to improve performance
• Cloudflare HTTP/2 demonstration tool
www.cloudflare.com/http2
• Anthum's HTTP vs HTTPS
www.httpvshttps.com
Performance Tests
Show me the performance
Here is how I am going to spend the next 45 mins or so.
I will establish the reasons why we need HTTP/2
Then I will look at the some of the work arounds that are used to overcome the short comings in HTTP1.1
Then I will focus in on the constrasting ways that HTTP1 and 2 percieve the usage of sockets
Then I will look at the topline features of HTTP/2
And then how they manifest themselves in servlets 4 with plenty of code examples
A quick look at the current state of server support for Servlets
Current status of java ee and sevlet spec
If there is time. I will look at some extra goodies and
Then I will finish with some questions and answers
The goal of HTTP/2 is to increase the perceived performance of the web browsing experience.
Web pages download more resource now compared to 22 years ago when the HTTP protocol was standardised. A typical page back then was just a simple HTML page with a few images and weighed less than 1K in size. The HTTP protocol was designed to serve this kind of page.
Fast forward to 2017 and the average web page looks completely different. It is still essentially HTML but now it is dependent on an average of 120 resources and these 120 resources are essential for today’s rich web experiences and we want this experience.
The HTTP protocol wasn't designed to deliver this kind of web experience and is very inefficient at delivering the kind of content we are now accustomed to. Over the last 22 years, as the demands on the HTTP protocol increased, web developers looked for ways to overcome the protocol's limitations and have developed some very effective solution. However good they are, they are just workarounds, hacks to compensate for the protocols limitations. We will be looking at some of those workarounds later on.
If the protocol was better these workarounds would not be necessary.
In fact over the last six years, since April 2011, the average size of a top 1000 web page has increased by over 300% to 2,101 bytes according to the HTTP Archive and the average web page now loads over 120 resources.
Lets start by looking at the problems with HTTP 1.
The browser requests the webpages from the server and finds that it requires more resources in order to render the page properly.
It then starts to request these resources one at a time.
So the browser will load the stylesheet and wait for the server to respond with this resource, then the browser requests the logo image and waits for the response, and so on until all the resources are loaded. In the beginning HTTP 1.0 allowed only one request to be made via a single TCP connection.
In HTTP/1.1 this was addressed with pipelining and the browser was able to make multiple requests.
A request is sent for all the required resources. Firstly a request for the index page, then a request is sent for the style sheet, then the image file and so on and the browsers waits for the server to respond with the requested resources. The server will respond in the order in which the resources were requested, but what happens if the style sheet takes time to return to the client: the browser must wait until it is received, the other requested resources are not returned until the server responds with the style sheet file.
This problem is called head-of-line blocking.
So instead of one connection, multiple connections are set up. For example: on connection 1 the browsers loads the stylesheet on connection 2 it loads the javaScript on connection 3 it loads the image file and so on.
This an acceptable solution but this solution has two main issues.
TCP sockets are expensive to create, not an efficient use of TCP connections and
For a given browser there is maximum number of connection per host
Given these restrictions we looked for a different way to optimize page loading.
Create one large CSS file containing all the site's styles and one large JavaScript file with all the required dynamic logic, even the page itself could contain all it's required CSS and JavaScript.
This can reduce the number of HTTP requests for a given web page to one.
Another way is to use assest inlining.
Inlining assets is a special case of file concatenation. It’s the practice of embedding CSS stylesheets, external JavaScript files, and images directly into an HTML page. For example, if you have web page that looks like this:
You could run it through an inlining tool to get something like this.
You can see that the stylesheet is now embeded inline with the HTML code as is the javascript and the image.
This can reduce the number of HTTP requests for a given web page to one.
As we have just seen, resources can be embedded directly inside the web page. We have seen that the CSS and JavaScript can be embedded into the HTML.
The way images are embeded is that the image is base64 encoded and inserted into the web page, it is deployed to the webserver with the image encoding inline, and then when the web page is loaded it is extracted and decoded using base 64.
A lot of time is spent encoding and decoding and caching cannot be easily done.
An image sprite is a single image file made up of all the sprites you use on the web page. Instead of 10 images we have just one. Each sprite is cut from the sprite sheet on the client side before use.
Image sprites in the wild from Amazon, Google and Facebook.
To over come the maximum number of connection to a host by the browser we can host the style sheets on one host and the JavaScript on another. This way we are not bound to one host.
Here we open a connection to server 1 and request the logo.jpg and icon.jpg files and we open a connection to a different server and request the header.css and the menu.css. So we have opened two connections to two domains rather than 4 connections to one domain.
What does HTTP1.1 say about sockets.
Socket are seen by HTTP1.1 as a throw away resource as the specification does not say much about how they are to be used nor is there any mention of how many sockets a browser should open to a given host.
It just by industry consensus that they open 5 or 8 connections. Mosaic opened just one and then Internet Explorer opened 4.
Even though the specification says nothing about the number of open sockets the browsers decided to restrict it to an arbitory number
In contrast sockets are seen as a scares resource and the specification talks much about how they are to be used. But essentially, a browser should ideally open only one socket to the server and do all it needs over this one socket.
The consequence of this is that everything that was done in N sockets in HTTP1.1 is now done over just one socket connection in HTTP/2.
Lets now have a look at the topline features of HTTP/2 Specification.
HTTP/2 is comprised of two specifications:
Hypertext Transfer Protocol version 2 - RFC7540
HPACK - Header Compression for HTTP/2 - RFC7541
Request/Response Multiplexing – the most important change - Over a single TCP connection request and response is multiplexed with full bi-directional communication.
Binary Framing - The TCP connection is broken down into frames
Header Compression – removes duplication from headers
Stream Prioritization – give priority processing to streams
Server Push – anticipates required assets
Upgrade From HTTP1.1 – how to upgrade to HTTP/2
Top Line Features of HTTP/2
Request/Response Multiplexing
Over a single TCP connection request and response is multiplexed with full bi-directional communication.
Lets defined some terms used when talking about multiplexing:
Connection – A single TCP socket
Stream – A channel within a connection
Message – A logical message, such as a request or a response and control message
Frame – The smallest unit of communication in HTTP/2. A request/response is broken down into smaller parts.
In HTTP 1.1, for a given request you would have just one HTTP request now, with HTTP/2, we break it down into smaller frames and this is how we resolve head of line blocking.
Now that communication has been broken down into frames, you can interweave the logical streams over a single TCP connection, and the issue of head-of-line blocking is removed.
The TCP connection is broken down into frames.
For a given connection you have multiple streams, for each stream you can have multiple messages and for each message you have multiple frames.
You can see that there is a hierarchy.
Frame is the fundamental unit of communication
Once broken down into frames you can interweave the logical stream over a single TCP connection.
Stream 3 sends its headers first then later it sends its data which is its HTTP request body and before the server receives the completed stream 3 its sends back response to stream 2.
Because the server does not have to wait for the completed communication before it does something else the head of line blocking problem does not occur.
Solves head-of-line blocking problem
Type fields. The frame has a header and the header consists of some information:
A frame consists of length of payload (24), type(8), some configuration flags(8), a reserved bit, Stream identifier(31) and Frame Payload (0 ...)
The stream identifier refers to the 1, 2, 3 in the previous diagram.
There are many different types of frames: Type fields can be
HEADERS, corresponds to the HTTP headers
DATA corresponds to the HTTP request body. If you have a large body you may have multiple of them data 1, data2 etc
PUSH_PROMISE
RST_STREAM, notifies there is an error, and allows the client to rejects server push promise request because it already has resource
PRIORITY, refers to the stream priority
SETTING,
PING,
GOAWAY,
WINDOW_UPDATE,
CONTINUATION
Lets see how the HTTP request is mapped to frames
On the left we have an HTTP request and on the right we have it mapped into a header frame.
In the header frame you have two configurations the first is END_STREAM which is set to false (the minus means false) this means that this is NOT the last frame for this request and you should expect more frames and if you set END_HEADERS to true then this frame is the last frame in the stream that contains header information.
Then we map the familiar header information from the HTTP 1.1 request.
The colon denotes that this is a sudo header and references its definition in the HTTP2 specification.
Lets look at the response.
On the left is an HTTP1.1 header response. This splits into two frames: header frame and a data frame.
In the header frame the end_stream is minus because this is not the last frame and the end_header is true as this is the last frame with header information.
In the data frame the end_stream is marked plus as it is the last frame.
The header frame contains a lot of information that has been duplicated between requests. How can we optimize this?
Between requests there is a lot of information that is the same. Between request 1 and 2 the only difference is the path. So why send the same information over and over again?
Instead of sending the data over and over again. We use HPACK header compression. HPACK keeps a table of the headers on the client and server, then when the second and subsequent headers are sent across it just references the header number on the header table.
Then the server/client knows which header you are actually using.
HTTP/2 provides the ability to attach priority information to streams which gives priority to one resource over another.
The priority can be entered in the header frame or the priority frame.
We can also define a hierarchy between streams, however it is only advice to the server, which is completely free to ignore the priority information. If it cannot respect the priority it can ignore it.
Stream A, b, d, c
C will take 3 times the resources as B
Eliminate the need for resource inlining.
The sever can proactively send resources to the client. The server tries to prepopulates the browsers cache with resources so that when the resource is needed it is already available, and does not need to be requested again, saving time.
The way it works.
The client sends header frames to the server to get a file, in this case an index.html at some point the server will respond with the file. The server knows that if I am requesting that file I will also want to request the resources that the file requires to render that html file.
In this case a CCS and an image. The Server can decide to proactively send those resources to the client even though the client has not asked for those resources. The server knows that those resources will be requested. So the server sends a push promise frame for the CSS and a push promise frame for the image. Then the server sends the index file.
The client can ignore those resources. It knows that those resources are in the cache so it declines the push promise so it will not be sent to the client.
Server push is the most visible of the many improvements in HTTP/2 to appear in the servlet API. All of the new features in HTTP/2, including server push, are aimed at improving the perceived performance of the web browsing experience.
Server push is enabled to improve perceived browser performance because servers are in a much better position than clients to know what additional assets (such as images, stylesheets and javascripts) a request might ask for next.
For example, it is possible for servers to know that whenever a browser requests an index.html page, it will then request an image, a stylesheet and javascript, etc. Since servers know this, they can pre-emptively start sending these assets while processing the index.html.
Server push is not a replacement for web sockets. it just allows you to populate the browser cache.
To use server push, obtain a reference to a PushBuilder from an HttpServletRequest, mutate the builder as desired, then call push().
The browser requests the index.html page. The server will discover that it needs the style_1.css and the javaScript_1.js files, so we get a pushbuilder from the HTTP request and set the path to the style_1.css file and invoke push, then we set the path to the javaScript_1.js file and invoke a push again.
Note in this case the css and javascript will return to the client first and then the index returns.
Its simply you get the push builder from the HTTP Request request and set the path to the resource and push.
There are two things to note in this sequence diagram,
the push builder can be reused. In the example I use the push builder to push two resources the css file and the javaScript file.
the second thing is that the index.html is returned to the browser after the push resource.
The reason is that if the index returns before the push resources the browser will analysis it and see that it needs the two resources. It will look in the cache and see that it does not have those resources and it will request them. At this point the browser cache will not be prepopulated. So the pushed resources must be returned first before the index is sent.
One of the frames types mentioned earlier was a RST_STREAM this is how the client can decline a push promise. So if the server pushes a resource and the browser already has it in the cache then rather than let the server send the file it will send an RST_STREAM frame saying that it already has the files file so don't send it.
This builds a push request based on the HttpServletRequest from which this builder was obtained.
PushBuilder pushBuilder = request.getPushBuilder();
The push request is constructed with the request method set to GET. Conditional, range, expectation, authorization and request headers are removed. Cookies are only added if the maxAge has not expired. The request header will be set to the request URL and any query string that was present. If either of the headers If-Modified-Since or If-None-Match were present then isConditional() will be set to true.
The only required setting is the URI path to be used for the push request. This must be called before every call to push(). If the path includes a query string, the query string will be appended to the existing query string (if any) and no de-duplication will occur.
Paths beginning with '/' are treated as absolute paths. All other paths are treated as relative to the context path of the request used to create this builder instance. The path may include a query string.
pushBuilder.path("/images/logo.png")
The resource is pushed by calling the push() method on the pushBuilder instance.
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.getPushBuilder().path("/images/logo.png").push(); }
This code snippet pushes the header.jpg image to the client that made this request.
This code snippet pushes the header.jpg image to the client that made this request.
You can test if Server Push is supported by the browser by calling the isPushSupported method.
A different way of solving this problem is to implement the server push in a filter.
jetty has a PushCacheFilter in the org.eclipse.jetty.servlets package
One of the most important use cases for the server push is the framework case.
It is completely dependent on the server having prior knowledge of the resources that the client will ask for before the client asks for them.
So web frameworks, not just JSF, are in a very good position to take advantage of server push, because the page author has to explicitly indicate at runtime which resources relates with which pages.
All this means is that JSF users get this feature for free without having to refactor their code.
So JSF is able to use server push very easily. Every time JSF is going to render a style sheet for example it will call the method encodeResourceURL and this is the entry point and here we can initialize the call the server push.
The client can explicitly disabled server push by sending a SETTINGS_ENABLE_PUSH setting value of 0 (zero).
In addition to allowing clients to disable server push with the SETTINGS_ENABLE_PUSH setting, servlet containers must honor a client’s request to not receive a pushed response on a finer grained basis by heeding the CANCEL or REFUSED_STREAM code that references the pushed stream’s stream identifier.
One common use of this interaction is when a browser already has the resource in its cache.
Your current code is perfectly compatible with Servlet 4 and you can run it without modification.
However if you want to take advantage of the Server Push feature you will need do some work, but as we have seen this can be implemented as a filter, so the rework change can be transparent.
And as just mentioned JSF gets if for free
The reference implementation for the Java EE 8 is the GlassFish project Version 5.0. This is progressing nicely.
Jetty Jetty is a Web Server and Servlet container which supports HTTP/2, WebSockets, OSGi, JMX, JNDI, JAAS. Jetty's stable release 9.3.x has had PushBuilder support for a few months and it is being actively used by their HTTP/2 adopters
They have implemented their own packaging for Servlet 4.0 API and includes a PushCacheFilter in the org.eclipse.jetty.servlets package. This is a more sophisticated implementation of the example we saw earlier.
WildFly 10 (Undertow) They have an initial PushBuilder support implemented in Undertow master, however it is not part of any release yet. It should be possible to use it in Wildfly by simply replacing the existing Undertow and Servlet API jars.
https://github.com/payara/Payara/tree/Payara-5
WildFly 10 (Undertow)
They have an initial PushBuilder support implemented in Undertow master, however it is not part of any release yet. It should be possible to use it in Wildfly by simply replacing the existing Undertow and Servlet API jars.
Tomcat 9
Currently supports Servlets 4.0's PushBuilder in the javax.servlets.http package.
Netty 4.1
Its worth mentioning that Netty 4.1, an asynchronous event-driven network application framework, has an HTTP/2 implemetations that takes full advantage of the main headline features.
The specification is currently in public review the last stage finishes 20th May
and hopefully ready for JavaOne in 1st week in October.
HTTP/2 is the main issue but the Expert Group are tackling other issue which you can follow on the issue tracker.
The issue tracker has moved to github. This is the link to the issue tracker where you can review the current issues that are being ironed out
And the full JCP specification is available at this link here.
The goal of HTTP/2 is to improve performance. So lets see just how much faster it really is.
Cloudflare has a neat online tool (cloudflare.com/http2) that downloads 200 image slices in both HTTP1.1 and HTTP/2. The browser has to use many separate TCP connections to load the slices. This incurs significant amount of overhead because only a small number of images are downloaded in parallel.
I ran this a few days ago and the demo showed that HTTP/2 was 4.0x faster than HTTP/1.1.
HTTP1.1 vs HTTP/2 HTTPS
Another tool that tests HTTP1.1 against HTTP/2 is Anthum's HTTP vs HTTPS (httpvshttps.com). Plaintext HTTP/1.1 is compared against encrypted HTTP/2 HTTPS on a non-caching, nginx server with a direct, non-proxied connection.
We can use ALPN which is a TLS extension and in the handshake you send an extension and the server will determine that the communication is h2 and will continue using h2.
One of the changes in Tomcat 9 is that TLS virtual hosting and multiple certificate are supported for a single connector with each virtual host able to support multiple certificates.
Open the conf/server.xml file and make the following configuration changes.
SPDY's primary focus is to reduce web page load time by reducing latency, essentially satisfying the same goal as HTTP/2 and it formed the first draft of the HTTP/2. Its a bridge between HTTP1.1 and HTTP/2 and will not be support be support by Chrome going forward. Instead chrome will favour support for HTTP/2 from early this year.
Talk about JSR JCP Java EE Guardians etc
Servers can advise that they support HTTP/2 during the SSL handshake and with modification made to Shodan by John Matherly that track the negotiated HTTP versions searches of the data collected can be made using the ssl.alpn filter.
Shodan is the world's first search engine for Internet-connected devices
If we analyse the two graphs (December full report, April full report) by looking at the percentage of all reported server support for each protocol type we can see that the adoption of HTTP/2 has increased 100% to 10% of all surveyed servers.
However further analysis shows that growth has come from providers upgrading the incumbent version of HTTP/2 to the latest specification. It can be implied that providers have upgraded from draft versions 14 and 17 and from HTTP/2 (cleartext). The clear text version is not supportedby Firefox or Chrome.
Looking deeper into data by combining all HTTP 1.x versions into one group, all HTTP 2 into another group and all SPDY versions in a different group we can see that there is no significant change in protocols supported.
As expected HTTP 1.x dominates the list of support protocols, with SPDY in second place and HTTP/2 trailing last. There is still a lot of work to be done.
Servers can advise that they support HTTP/2 during the SSL handshake and with modification made to Shodan by John Matherly that track the negotiated HTTP versions searches of the data collected can be made using the ssl.alpn filter.
Shodan is the world's first search engine for Internet-connected devices
If we analyse the two graphs (December full report, April full report) by looking at the percentage of all reported server support for each protocol type we can see that the adoption of HTTP/2 has increased 100% to 10% of all surveyed servers.
However further analysis shows that growth has come from providers upgrading the incumbent version of HTTP/2 to the latest specification. It can be implied that providers have upgraded from draft versions 14 and 17 and from HTTP/2 (cleartext). The clear text version is not supportedby Firefox or Chrome.
Looking deeper into data by combining all HTTP 1.x versions into one group, all HTTP 2 into another group and all SPDY versions in a different group we can see that there is no significant change in protocols supported.
As expected HTTP 1.x dominates the list of support protocols, with SPDY in second place and HTTP/2 trailing last. There is still a lot of work to be done.
So how do we talk in HTTP2. Two ways.
If you are using HTTP in clear text you can use the upgrade mechanism in HTTP1.1 to send upgraded header to promote to a protocol called h2c, the c means clear text, then the server will react and upgrade to h2c.
If you are using HTTPS you can use ALPN (application layer protocol negation) which is a TLS extension. You send an extension during the handshake to the server side and the server figures out that it is h2 and the communication continues in h2.
However Firefox or Chrome does not support h2c.
HTTP/2 over TLS and HTTP/2 over TCP have been defined as 2 different protocols, identified respectively by h2 and h2c.
Abstraction: Servlet API well positioned to enable HTTP/2 optimisation and to allow frameworks to leverage server push.
So how might Servlets expose HTTP /2 features? Servlets are the right abstraction for the RFC. You don't want to have to program frames and streams so a high level API to hide the network layer would be nice. In the Servlets layer you can do the server push with out doing the low level stuff.
One of the changes in the Servlet API is that in HTTP 1 we had one request and one response. In HTTP /2 this is no longer true. There can be one request and the server may decide to push several resources and then finally it responds with the originally requested page. You have one request and multiple responses at the same time and this is a challenge for the Servlet API.
To use server push, obtain a reference to a PushBuilder from an HttpServletRequest, mutate the builder as desired, then call push().