Bug 60276 - upgrade HTTP/2 can't use gzip compress.
Summary: upgrade HTTP/2 can't use gzip compress.
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Connectors (show other bugs)
Version: 8.5.6
Hardware: PC All
: P2 enhancement (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-10-19 06:10 UTC by cnsilvan
Modified: 2018-01-27 06:26 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description cnsilvan 2016-10-19 06:10:06 UTC
Gzip compress is work when only use apr.But it doesn't work after upgrade Http/2;
Comment 1 Remy Maucherat 2016-10-19 06:40:28 UTC
I don't understand, can you explain the issue more thoroughly ?
Comment 2 cnsilvan 2016-10-19 07:09:57 UTC
In server.xml,like this:

<Connector .....			compressableMimeType="text/html,text/javascript"
compression="on" 
compressionMinSize="2048" 
noCompressionUserAgents="gozilla, traviata"
port="8443" 
protocol="org.apache.coyote.http11.Http11AprProtocol"
......... >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
<SSLHostConfig
	........../>
	</SSLHostConfig>
</Connector>

The compression="on" doesn't work when use this config.
But if I remove "UpgradeProtocol" element ,it works;


Simply put, when using http / 2, the compression function is not available.
Comment 3 cnsilvan 2016-10-19 07:12:41 UTC
(In reply to Remy Maucherat from comment #1)
> I don't understand, can you explain the issue more thoroughly ?

In server.xml,like this:

<Connector .....			compressableMimeType="text/html,text/javascript"
compression="on" 
compressionMinSize="2048" 
noCompressionUserAgents="gozilla, traviata"
port="8443" 
protocol="org.apache.coyote.http11.Http11AprProtocol"
......... >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
<SSLHostConfig
	........../>
	</SSLHostConfig>
</Connector>

The compression="on" doesn't work when use this config.
But if I remove "UpgradeProtocol" element ,it works;


Simply put, when using http / 2, the compression function is not available.
Comment 4 Remy Maucherat 2016-10-19 07:55:00 UTC
Ok. I would say it is unlikely integrated compression is implemented in HTTP/2 as it was in the HTTP/1.1. We'll see, but it's probably a good idea to plan to migrate to a different solution for compression.

Right now, there's also no provision to pull configuration from the Connector as well, the UpgradeProtocol element is independent.
Comment 5 cnsilvan 2016-10-19 09:58:52 UTC
(In reply to Remy Maucherat from comment #4)
> Ok. I would say it is unlikely integrated compression is implemented in
> HTTP/2 as it was in the HTTP/1.1. We'll see, but it's probably a good idea
> to plan to migrate to a different solution for compression.
> 
> Right now, there's also no provision to pull configuration from the
> Connector as well, the UpgradeProtocol element is independent.

Nginx can use gzip compression with http/2 module.
So I think, tomcat may also support.(sad...)
Maybe tomcat will support in the future...
Comment 6 Konstantin Kolinko 2016-10-19 13:26:02 UTC
I think that using compression with dynamic data (as in your configuration) is insecure. There are well-known CRIME and BREACH attacks. See

https://en.wikipedia.org/wiki/CRIME

Tomcat 8.5 and 9 can be configured to serve pre-compressed static files. This is configured with init-param "precompressed" of DefaultServlet.

http://tomcat.apache.org/tomcat-8.5-doc/default-servlet.html
Comment 7 cnsilvan 2016-10-20 09:22:43 UTC
(In reply to Konstantin Kolinko from comment #6)
> I think that using compression with dynamic data (as in your configuration)
> is insecure. There are well-known CRIME and BREACH attacks. See
> 
> https://en.wikipedia.org/wiki/CRIME
> 
> Tomcat 8.5 and 9 can be configured to serve pre-compressed static files.
> This is configured with init-param "precompressed" of DefaultServlet.
> 
> http://tomcat.apache.org/tomcat-8.5-doc/default-servlet.html

thank u!
Comment 8 Eduardo Guadalupe Quintanilla 2016-11-09 00:50:48 UTC
I had a similar issue, in my case it worked after adding 
useSendfile="false".
Comment 9 Mark Thomas 2017-12-01 12:01:06 UTC
Fixed in:
- trunk for 9.0.3 onwards
- 8.5.x for 8.5.25 onwards
Comment 10 pc8888 2018-01-27 05:30:50 UTC
tomcat 8.5.27, this problem is still not fixed.

Removed <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/> and gzip works again.


<Connector .....		
compression="on" 
port="443" 
protocol="org.apache.coyote.http11.Http11AprProtocol"
......... >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
<SSLHostConfig
	........../>
	</SSLHostConfig>
</Connector>
Comment 11 Remy Maucherat 2018-01-27 06:26:55 UTC
Please do not reopen the report. Please post on the user list if you need further assistance.