假设我有一个服务器,它在 url https://example.com/ 处提供一个 HTML 文件。这指的是 url https://test.com/mystyles.css 处的 css 文件.是否可以推mystyles.css文件旁边的 html 内容作为 HTTP2 连接的一部分,以便浏览器将使用此 css 内容?
我试图在我的本地主机上使用自签名证书创建这样一个请求(并且我已经在我的浏览器中为两个主机预先创建了一个安全异常(exception)),当请求到达时发送 html 文件 http://localhost/ ,并在 :authority 中推送具有不同主机名/端口的 css或 Host标题。但是,在整页刷新时,CSS 文件是在来自服务器的单独请求中获取的,而不是使用推送的 css 文件。
见 this gist对于我一直用来测试的文件。如果我访问 http://localhost:8080/那么文本是红色的,但如果我访问 http://test:8080/它是绿色的,表示如果来源相同,则使用推送的内容。
是否有需要使用的标题组合才能工作?可能调用 CORS?
最佳答案
是的,根据此 blog post from a Chrome developer advocate 在理论上是可能的从 2017 年开始。
As the owners of developers.google.com/web, we could get our server to push a response containing whatever we wanted for android.com, and set it to cache for a year.
...
You can't push assets for any origin, but you can push assets for origins which your connection is "authoritative" for.
If you look at the certificate for developers.google.com, you can see it's authoritative for all sorts of Google origins, including android.com.
Viewing certificate information in Chrome Now, I lied a little, because when we fetch android.com it'll perform a DNS lookup and see that it terminates at a different IP to developers.google.com, so it'll set up a new connection and miss our item in the push cache.
We could work around this using an ORIGIN frame. This lets the connection say "Hey, if you need anything from android.com, just ask me. No need to do any of that DNS stuff", as long as it's authoritative. This is useful for general connection coalescing, but it's pretty new and only supported in Firefox Nightly.
If you're using a CDN or some kind of shared host, take a look at the certificate, see which origins could start pushing content for your site. It's kinda terrifying. Thankfully, no host (that I'm aware of) offers full control over HTTP/2 push, and is unlikely to thanks to this little note in the spec: ...
实际上,如果您的证书对其他域具有权限并且它们托管在相同的 IP 地址上,这听起来似乎是可能的,但这也取决于浏览器的支持。我个人尝试用 Cloudflare 做到这一点,发现它们不支持跨域推送(类似于博文作者在 2017 年对 CDN 的观察)。
关于cross-domain - 是否可以进行 Http2 跨域推送请求?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36129591/