Skip to main content

http/3

Introduction

HTTP/3 is the 3rd major version of the HTTP protocol that powers the internet. In comparison with the previous version of http which relied on TCP, http/3 relies on QUIC.

QUIC

Specification published at 6th June, 2022

Developed initially at Google in 2012, had its way to IETF and public by 2022. A decade for completion and standardization !!!

Are the semantics like requests, methods, status codes still the same like previous versions of http/2?
yes, they still remain the same

The underlying mechanisms are changed, like http/3 uses space congestion control over UDP (User Datagram protocol)

Head-Of-Line Blocking (HOL)

This is a performance problem where there is a queue of packets built due to the first packet that is yet to be consumed.

We have browsers that have limits on the number of parallel requests that it can send to a server, when they are used up, as we anticipate, a Queue is formed for the newer requests that start accumulating the newer requests till the former requests are completely processed.

We had HTTP/2 to address this issue by the process of multiplexing which eliminates this HOL at the application layer. However there is still a blocking HOL in the TCP layer.

This was a bottleneck that limits the performance. Hence, QUIC solves this problem by using multiplexing with UDP and thereby removing the HOL with TCP.

So, we get to leverage good performance.

0-RTT

For any server and client that have been connected in the past, there is no formal introduction - acknowledgements. More like we talking to our friends without any formal introduction / waiting for they to acknowledge our greetings etc, so we make requests responded quick through (QUIC)

Encryption by Default

The data at the application layer will always be encrypted. There is no separate TCP handshake and TLS handshake which were distinct events in the previous versions of HTTP.

In this case how are the encryptions and connections managed?
QUIC sets up the encrypted connections at the transport layer. Since this is happening as a single action, applications does not need to perform a TCP handshake and a TLS handshake.

Further, packet number and few other headers are encrypted by default giving a tough time for the hackers to understand what is going on.

Are there apps out in http/3? 

yes, I have seen apps from Google, cloudflare using http3 for many of their apps. The below is the network capture in Google Chrome new tab which loads content from google


Browser Support

Most of the leading browsers support HTTP/3. Chrome (79 and onwards), Firefox (72 and onwards) etc

Web Server Support

Currently, the LiteSpeed Webserver supports HTTP/3. I did try it out for a Java App and realized that it was not easy as there were listeners and the team was not sure on the use of them. I feel that running an app on another webserver while using Litespeed as a proxy can be used to achieve support for HTTP/3.
I will try it out in the upcoming days and share my findings or steps for the same.

However, Kestrel, Nginx webservers do seem to have a good support for the HTTP/3. Also, IIS in Windows Server 2022 has support, looks like some registry keys are to be setup to enable HTTP3

We have just scratched the surface and as we delve into the details, things will get very interesting.

Labels:

Comments

Post a Comment

Popular posts from this blog

User Authentication schemes in a Multi-Tenant SaaS Application

User Authentication in Multi-Tenant SaaS Apps Introduction We will cover few scenarios that we can follow to perform the user authentication in a Multi-Tenant SaaS application. Scenario 1 - Global Users Authentication with Tenancy and Tenant forwarding In this scheme, we have the SaaS Provider Authentication gateway that takes care of Authentication of the users by performing the following steps Tenant Identification User Authentication User Authorization Forwarding the user to the tenant application / tenant pages in the SaaS App This demands that the SaaS provider authentication gateway be a scalable microservice that can take care of the load across all tenants. The database partitioning (horizontal or other means) is left upto the SaaS provider Service. Scenario 2 - Global Tenant Identification and User Authentication forwarding   In the above scenario, the tenant identification happens on part of the SaaS provider Tenant Identification gateway. Post which, ...
Post a Comment
Read more

Handling exceptions in the Executor service threads in Java

Introduction This is a continuation post on the exception handling strategies in the threads in Java. For Introduction, please read this post The second post is available here This post addresses the problem statement "How to use the exception handlers in the threads spawned by the Executor Service in Java?" Not all times, we will be using Thread  classes to run our threads because we have to manage a lot of the underlying logic for managing threads. There is ExecutorService in Java which comes to the rescue for the above problem. In the previous posts, we have discussed on how to handle the exceptions in plain threads. However, when using executor service, we do not create / manage threads, so how do we handle exception in this case. We have a ThreadFactory   as an argument which can be used to customize the way threads are created for use within the ExecutorService . The below snippet of code leverages this feature to illustrate the exception handling, wherein we creat...
Post a Comment
Read more

Upgrade from http1.1 to http2 for Java spring boot applications hosted in tomcat

In this post, we will list down the tasks to be done for enabling the HTTP 2.0 support in spring boot applications which are hosted in Apache tomcat webserver Application Level Changes Spring boot Application Configuration Changes server.http2.enabled=true In the spring boot application's application.properties file, we have to add the above line so that Spring boot can add the support for http2 Tomcat server configuration In the tomcat web server, we should have SSL enabled before doing the below change. To start with, we have to shutdown the tomcat server instance that is running CD to the directory that has tomcat installed and cd to the bin directory and run the below command sh shutdown.sh We have add the UpgradeProtocol  which adds the respective Http2Protocol handler classname to the connector pipeline that enables support for http2.0 <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> The above UpgradeProtocol can be added to the connec...
Post a Comment
Read more

SFTP and File Upload in SFTP using C# and Tamir. SShSharp

The right choice of SFTP Server for Windows OS Follow the following steps, 1. Download the server version from here . The application is here 2. Provide the Username, password and root path, i.e. the ftp destination. 3. The screen shot is given below for reference. 4. Now download the CoreFTP client from this link 5. The client settings will be as in this screen shot: 6. Now the code to upload files via SFTP will be as follows. //ip of the local machine and the username and password along with the file to be uploaded via SFTP. FileUploadUsingSftp("172.24.120.87", "ftpserveruser", "123456", @"D:\", @"Web.config"); private static void FileUploadUsingSftp(string FtpAddress, string FtpUserName, string FtpPassword, string FilePath, string FileName) { Sftp sftp = null; try { // Create instance for Sftp to upload given files using given credentials sf...
2 comments
Read more

Download CSV file using JavaScript fetch API

Downloading a CSV File from an API Using JavaScript Fetch API: A Step-by-Step Guide Introduction: Downloading files from an API is a common task in web development. This article walks you through the process of downloading a CSV file from an API using the Fetch API in JavaScript. We'll cover the basics of making API requests and handling file downloads, complete with a sample code snippet. Prerequisites: Ensure you have a basic understanding of JavaScript and web APIs. No additional libraries are required for this tutorial. Step 1: Creating the HTML Structure: Start by creating a simple HTML structure that includes a button to initiate the file download. <!DOCTYPE html> < html lang = "en" > < head > < meta charset = "UTF-8" > < meta name = "viewport" content = "width=device-width, initial-scale=1.0" > < title > CSV File Download </ title > </ head > < body > ...
Post a Comment
Read more