What is HTTP2?
HTTP2 is the latest version of HTTP and brings with it speed and security benefits.
Hyper Text Transfer Protocol (HTTP) is the series of steps that web browsers communicate with web servers.
Each version of HTTP defines different features that can be used in these communications, things like compression, encryption, does the connection stay open between requests, how much data can be sent at a time, etc.
This allows multiple files to be downloaded on a single connection to the server, skipping the need for reconnecting and tearing down the underlying connection for each file.
From a practical standpoint HTTP/2 is only enabled for HTTPS/TLS secured connections increasing data security. This is not actually part of the formal HTTP/2 specification, but Chrome has opted to only enable it for HTTPS connections.
If a client can’t connect via HTTP2 it will seamlessly fall back to using HTTP1 making it very safe to switch.
Each request / response cycle from the browser to the server sends and receives a large number of headers. These headers specify everything from security options the browser should take to what language should be used.
Prior to HTTP2 these headers were not optimally compressed leading to bloated responses to even relatively small requests.
Real World HTTP2 Usage on Heroku
What you need to get started:
- Expedited WAF add-on is setup in front of your application.
How To Enable HTTP2 on Heroku
Heroku does not have a native function to enable HTTP/2 connections
Expedited WAF negotiates with each inbound request to determine if it’s possible to accellerate the request with HTTP/2 or fall back to HTTP/1.
By wrapping each request this is transparent to clients and just part of the Expedited WAF accelleration features.
- “SPDY” was a Google specific HTTP protocol which was an immediate precursor to HTTP2. Some additional features were added to it and it’s been ratified by the IETF as HTTP2
- HTTP2 (and site speed generally) are considered to be a SEO ranking factor
Learn more about HTTP2
Try Expedited WAF.
Get a Free Tee.
Option 1: Install Expedited WAF (the Web Application Firewall service that shields your Heroku applications from attacks) from the Heroku Elements Marketplace..
Seven days later we'll ask for some feedback and your (US or Canada only) shipping details.
Option 2: Select a Date & Time below to talk to us about your existing web application security framework and see how Expedited WAF can help better secure your Heroku applications.