> It’s important to understand that HTTP/2 requires secure connectivity. Only websites with HTTPS enabled can take advantage of HTTP/2 and its performance optimizations, like server push and header compression.
If you assume the second sentence explains the first, then this is correct - only websites (i.e something designed to be consumed by browsers) with HTTPS can take advantage of HTTP/2.
This is true, but no mandate on encryption in the HTTP/2 standard was an deliberate decision, one of the very few differences between HTTP/2 and SPDY. But yes, practically, you can't use HTTP/2 without encryption nowadays.
How do people go about sending Link headers / configuring server push for resources with a changing hash in their filenames?
For example if you have your app.ab9a9a09fe9.js file, but then the next deploy you have your app.ba293dcde.js file... can you just set the resource to app.*.js somehow?
You can make it part of your build process to generate a file with the headers needed, and during deploy it gets copied and/or configures the web server/platform you're running on.
For example: a SPA webpack setup using html-webpack-plugin which generates the <script> tags in index.html for the different assets, later served by nginx or similar.
How does one tell nginx the names of the files to push if they are generated dynamically? You have to put the names in a separate file and then somehow configure the server using that file?
Yep, I already talked to Chris about it, thanks! I talked to you guys a week ago about HTTP/2 Push, I didn't know you'd have it ready so soon. I'm eager to get this working on stavros.io, so please feel free to email me so we can debug this!
How does Netlify handle caching of push file? I would love to push my global.css and global.js; however, I don't want those files to be pushed on every subsequent request.
Why would you need this? The use case of Server Push is to download resources earlier than a browser can request them, but will eventually require anyway.
Thanks for the reply, and good point. I guess I feel uneasy about letting the server "push" at will, for instance when dealing with mobile data plans. But come to think about it, I don't have much control on what I'll get once I visit a website.
Pedantically, this is not correct. HTTP/2 does not mandate any encryption. But, all the browser vendors only support HTTP/2 with TLS. https://http2.github.io/faq/#does-http2-require-encryption