Hi Andrea On Mon, Jan 4, 2016 at 5:16 PM, Andrea Faulds <a...@ajf.me> wrote:
> Hi Davey, > > Davey Shafik wrote [snip] We could also add a flag (e.g. --[no-]http2) on the CLI for >> enabling/disabling it — this would be helpful for testing HTTP/2 client >> fallback when it's not supported. >> > > Hmm, this would mean a new dependency, and more potential complexity. I'm > not sure if HTTP/2 justifies it. > This is the main reason I think it should be optional. But I do think HTTP/2 justifies it none-the-less. HTTP/2 has the potential to completely disrupt our HTTP architecture — it removes the need for things like JS/CSS inlining, JS/CSS minifying, CSS image sprites, domain sharding, and more. > Also, don't all the major client implementations of HTTP/2 require TLS? Or > is localhost given a free pass? All browser implementations do require TLS, most other clients do not. Given that cli-server is intended for development only so shipping some "self" signed certs might be fine. I'd suggest integrating with letsencrypt but they can't issue certs for localhost (no public CA can). > This is a much more useful tool than relying on node for make tests, and >> allows us to test adding HTTP/2 support to ext/curl, the HTTP stream >> (which >> could also use libnghttp2…), userland HTTP/2 clients, pecl_http (if that's >> still a thing), etc. >> > > If added, I suppose it would be useful for PHP developers testing HTTP/2 > features like Server Push, assuming the CLI server supported it. > If we use nghttp2 it should. Thanks, - Davey
