How it’s changing web performance
http/2
Mateus Prado
eventos145100
HTTP2
AGENDA
▸ History
▸ HTTP nowadays
▸ Improvements
▸ SPDY and HTTP2
▸ Security
$WHOAMI
MATEUS PRADO
▸ Software Developer, architect and systems engineer.
▸ I like software, hardware, cloud computing and airplanes.
Web Master - IT Instructor - Software Developer - Systems Engineer - DevOps - Architect
HTTP
WHAT IS IT?
HISTORY
TCP/IP MODEL
HISTORY
HYPERTEXT TRANSFER PROTOCOL
“The Hypertext Transfer Protocol (HTTP) is an application
protocol for distributed, collaborative, hypermedia information
systems.[1] HTTP is the foundation of data communication for
the World Wide Web.
Hypertext is structured text that uses logical links (hyperlinks)
between nodes containing text. HTTP is the protocol to
exchange or transfer hypertext.” - wikipedia.org
HTTP/0.9 (1991)
‣ Text
‣ Request
‣ Response
HTTP/1.0 (1996)
‣ Images
‣ POST method
‣ Status Code
HTTP/1.1 (1999)
‣ Compress, gzip
HTTP/1.1
WEBSITE OBESITY CRISIS
HTTP1.1
HTTP NOWADAYS
‣ IMAGES, FONTS, CSS, JS
‣ 100 REQUESTS
‣ MOBILE CONNECTIONS, LATENCY ADDS UP
‣ LARGER HEADERS
‣ X-HEADER
Client Server
HTTP/1.1
Request
Response
TCP Connection
index.html
style.css
Client Server
KEEP-ALIVE
TCP Connection
HEADER
Connection: keep-alive
Request
Response
HEADER
Connection: keep-alive
REQUEST
RESPONSE
CONNECTIONS
REQUESTS
LOAD FASTER
HTTP1.1
CONNECTIONS
‣ REQUEST AND RESPONSE ON A
CONNECTION
‣ MULTIPLE CONNECTIONS TO RENDER PAGE
‣ SCHEDULING AND PRIORITY
HTTP1.1
REQUESTS
‣ HTTP CACHING HEADER
‣ HACKS CONTENT
HTTP1.1
HTTP CACHING
HTTP/1.1 200 OK
CACHE-CONTROL: NO-TRANSFORM,PUBLIC,MAX-AGE=300,S-MAXAGE=900
CONTENT-TYPE: TEXT/HTML; CHARSET=UTF-8
DATE: MON, 29 APR 2013 16:38:15 GMT
ETAG: "BBEA5DB7E1785119A7F94FDD504C546E"
LAST-MODIFIED: SAT, 27 APR 2013 00:44:54 GMT
SERVER: AMAZONS3
VARY: ACCEPT-ENCODING
X-CACHE: HIT
HTTP1.1
HACKS
‣ MINIFY AND COMPRESS
‣ CSS SPRITES
‣ DATA URIS
‣ CSS AND JS TOGETHER
MINIFY
before
// The -is- object is used to identify the browser. Every browser edition
// identifies itself, but there is no standard way of doing it, and some of
// the identification is deceptive. This is because the authors of web
// browsers are liars. For example, Microsoft's IE browsers claim to be
// Mozilla 4. Netscape 6 claims to be version 5.
var is = {
    ie: navigator.appName == 'Microsoft Internet Explorer',
    java: navigator.javaEnabled(),
    ns: navigator.appName == 'Netscape',
    ua: navigator.userAgent.toLowerCase(),
    version: parseFloat(navigator.appVersion.substr(21)) ||
        parseFloat(navigator.appVersion),
    win: navigator.platform == 'Win32'
}
is.mac = is.ua.indexOf('mac') >= 0;
if (is.ua.indexOf('opera') >= 0) {
    is.ie = is.ns = false;
    is.opera = true;
}
if (is.ua.indexOf('gecko') >= 0) {
    is.ie = is.ns = false;
    is.gecko = true;
}
after
var is={ie:navigator.appName=='Microsoft Internet Explorer',java:navigator.javaEnabled(),ns:navigator.appName=='Netscape',ua:navigator.userAgent.toLowerCase(),version:parseFloat(navigator.appVersion.substr(21))||parseFloat(navigator.appVersion),win:navigator.platform=='Win32'}
is.mac=is.ua.indexOf('mac')>=0;if(is.ua.indexOf('opera')>=0){is.ie=is.ns=false;is.opera=true;}
if(is.ua.indexOf('gecko')>=0){is.ie=is.ns=false;is.gecko=true;}
COMPRESS
REQUEST
GET /encrypted-area HTTP/1.1
Host: www.example.com
Accept-Encoding: gzip, deflate
RESPONSE
HTTP/1.1 200 OK
Date: Mon, 29 Feb 2016 22:38:34 GMT
Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux)
Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT
Accept-Ranges: bytes
Content-Length: 438
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
CSS SPRITES
.facebook-ico, .plus-ico, .user-ico, … {
background-image: url('../images/icons.png');
background-repeat: no-repeat;
}
.facebook-ico {
height: 128px;
background-position: -5px -5px;
}
.user-ico {
height: 135px;
background-position: -5px -143px;
}
.cms-ico {
height: 147px;
background-position: -5px -288px;
}
...
DATA URIS
data:[<MIME-type>][;charset=<encoding>][;base64],<data>
<img width="64" height="69" alt="Treehouse Logo"
src="data:image/
png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABFCAYAA
AD6pOBtAAAABmJLR0QA/wD/AP
+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3g
MbBwwfAKopzQAAEfdJREFUeNrVW3uUHFWZ...">
HTTP1.1
LOAD FASTER
‣ PUT STYLESHEETS AT THE TOP
‣ PUT SCRIPTS AT THE BOTTOM
STYLESHEETS AT <HEAD>
<html>
<head>
<link rel="stylesheet" type="text/css" href="mystyle.css">
</head>
<body>
</body>
</html>
0.1 SECOND
1.0 SECOND
10 SECONDS
SCRIPTS AT <BODY>
<html>
<head>
<link rel="stylesheet" type="text/css" href="mystyle.css">
</head>
<body>
<script src="myscripts.js" defer></script>
</body>
</html>
HTTP/2
2009-2015
SPDY DISCONTINUED
“SPDY (pronounced speedy)[1] is an open networking protocol
developed primarily at Google for transporting web content.[1]
SPDY manipulates HTTP traffic, with particular goals of
reducing web page load latency and improving web security.
SPDY achieves reduced latency through compression,
multiplexing, and prioritization,[1] although this depends on a
combination of network and website deployment conditions.
[2][3][4] The name "SPDY" is a trademark[5] of Google and is
not an acronym.[6]” - wikipedia.org
HTTP/2
HOW DOES IT AFFECT USERS?
‣ PERFORMANCE
‣ SECURITY*
PERFORMANCE
LATENCY
NETWORK AND SERVER RESOURCE USAGE
SINGLE CONNECTION
HPACK
HEADER COMPRESSION
REQUEST EXAMPLE
HTTP/1.1
GET / HTTP/1.1
Host: www.saraiva.com.br
Accept: text/html
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Macintosh;
Cache-Control: max-age=0
GET /assets/style.css HTTP/1.1
Host: www.saraiva.com.br
Accept: text/html
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Macintosh;
Cache-Control: max-age=0
HPACK
HTTP/2
:method: GET
:scheme: http
:host: www.saraiva.com.br
:path: /index.html
accept-encoding: gzip
user-agent: Mozilla/5.0 (Macintosh;
cache-control: max-age=0
:path: /assets/style.css
:path: /images/saraiva-logo.png
:host: cdn.saraiva.com.br
:path: /beacon/track.jpeg
:host: beacon.saraiva.com.br
cache-control: private, max-age=0, no-cache
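The saving shown on the HPACK slides can be reproduced with a small encoder. This is an added example, not code from the deck: it implements RFC 7541 indexing without Huffman coding, and it uses the RFC 7540 pseudo-header `:authority` where the slide writes `:host`. The two requests are the slide's own `/index.html` and `/assets/style.css`.

```python
# Static table from RFC 7541 Appendix A as name=value pairs (indexes 1..61).
STATIC_TABLE = [tuple(e.split("=", 1)) for e in (
    ":authority=;:method=GET;:method=POST;:path=/;:path=/index.html;:scheme=http;"
    ":scheme=https;:status=200;:status=204;:status=206;:status=304;:status=400;"
    ":status=404;:status=500;accept-charset=;accept-encoding=gzip, deflate;"
    "accept-language=;accept-ranges=;accept=;access-control-allow-origin=;age=;"
    "allow=;authorization=;cache-control=;content-disposition=;content-encoding=;"
    "content-language=;content-length=;content-location=;content-range=;"
    "content-type=;cookie=;date=;etag=;expect=;expires=;from=;host=;if-match=;"
    "if-modified-since=;if-none-match=;if-range=;if-unmodified-since=;"
    "last-modified=;link=;location=;max-forwards=;proxy-authenticate=;"
    "proxy-authorization=;range=;referer=;refresh=;retry-after=;server=;"
    "set-cookie=;strict-transport-security=;transfer-encoding=;user-agent=;vary=;"
    "via=;www-authenticate="
).split(";")]


def encode_int(value, prefix_bits, pattern):
    """RFC 7541 section 5.1 integer; `pattern` carries the representation bits."""
    limit = (1 << prefix_bits) - 1
    if value < limit:
        return bytes([pattern | value])
    out = [pattern | limit]
    value -= limit
    while value >= 128:
        out.append((value & 0x7F) | 0x80)
        value >>= 7
    out.append(value)
    return bytes(out)


def encode_str(text):
    """String literal with the Huffman bit cleared (raw octets)."""
    raw = text.encode("ascii")
    return encode_int(len(raw), 7, 0x00) + raw


class Encoder:
    """One encoder per connection: the dynamic table persists across requests."""

    def __init__(self, max_table_size=4096):
        self.max_table_size = max_table_size  # default SETTINGS_HEADER_TABLE_SIZE
        self.dynamic = []  # newest entry first, so it receives index 62

    def _remember(self, name, value):
        self.dynamic.insert(0, (name, value))
        # An entry costs len(name) + len(value) + 32; evict oldest to stay bounded.
        while sum(len(n) + len(v) + 32 for n, v in self.dynamic) > self.max_table_size:
            self.dynamic.pop()

    def encode(self, headers):
        out = bytearray()
        for name, value in headers:
            table = STATIC_TABLE + self.dynamic
            if (name, value) in table:
                # Indexed header field: one integer replaces name and value.
                out += encode_int(table.index((name, value)) + 1, 7, 0x80)
                continue
            # Literal with incremental indexing, reusing a known name if any.
            name_index = next((i + 1 for i, (n, _) in enumerate(table) if n == name), 0)
            out += encode_int(name_index, 6, 0x40)
            if name_index == 0:
                out += encode_str(name)
            out += encode_str(value)
            self._remember(name, value)
        return bytes(out)


# Header values taken from the slide (the user-agent is truncated there too).
COMMON = [("accept-encoding", "gzip"),
          ("user-agent", "Mozilla/5.0 (Macintosh;"),
          ("cache-control", "max-age=0")]


def request(path):
    return [(":method", "GET"), (":scheme", "http"),
            (":authority", "www.saraiva.com.br"), (":path", path)] + COMMON


def slide_request_sizes():
    """Encoded size in bytes of the slide's two requests on one connection."""
    enc = Encoder()
    return [len(enc.encode(request(p))) for p in ("/index.html", "/assets/style.css")]


if __name__ == "__main__":
    print(slide_request_sizes())
```

On the second request only `:path` is sent as a literal; every other field is a one-byte index into the table built by the first request.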
HPACK
Client Server
MULTIPLEXING
index.html
js
css
png
TCP Connection
Client Server
SERVER PUSH
index.html
TCP Connection
index.html
style.css
application.js
logo.svg
<head><script async="true" type="text/javascript" src="http://widget.criteo.com/event?a=14416&amp;v=3.6.1&amp;p0=e%3Dce%26m%3D%255Bmateus
%252540mateusprado.com%255D%26h%3Dnone&amp;p1=e%3Dexd%26site_type%3Dd&amp;p2=e%3Dvh&amp;p3=e%3Ddis&amp;adce=1" data-owner="criteo-tag"></script>
<title>Saraiva.com.br: Livros, Tablets, Blu-Ray, Eletrônicos, Notebooks, Smartphones e mais.</title>
<script>window.chaordic_meta = {"page":{"name":"home","timestamp":new Date()}}</script>
<script async="" defer="" src="//static.chaordicsystems.com/static/loader.js" data-initialize="false" data-apikey="saraiva-v5"></script>
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/styles.css?cache=MjAxNjAyMTE=" media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/footer.css?cache=MjAxNjAyMTE=" media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/responsive.css?cache=MjAxNjAyMTE=" media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/medias_queries.css?cache=MjAxNjAyMTE=" media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/default/onsale/css/onsale_label.css?cache=MjAxNjAyMTE="
media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/apptha-reviews/css/amazereviews.css?cache=MjAxNjAyMTE="
media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/base/default/saraiva/jplayer/main.css?cache=MjAxNjAyMTE=" media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/responsive/css/structure/menu.css?cache=MjAxNjAyMTE="
media="all">
<link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/base/default/saraiva/swiper/idangerous.swiper.css?cache=MjAxNjAyMTE="
media="all">
<script type="text/javascript" src="http://www.saraiva.com.br/js/prototype/prototype.js?cache=MjAxNjAyMTE="></script>
<script type="text/javascript" src="http://www.saraiva.com.br/js/prototype/validation.js?cache=MjAxNjAyMTE="></script>
<script type="text/javascript" src="http://www.saraiva.com.br/js/scriptaculous/effects.js?cache=MjAxNjAyMTE="></script>
<script type="text/javascript" src="http://www.saraiva.com.br/js/varien/js.js?cache=MjAxNjAyMTE="></script>
HTTP/2
BINARY
‣ MORE EFFICIENT TO PARSE
‣ COMPACT “ON THE WIRE”
‣ LESS ERROR-PRONE
‣ WHITESPACE HANDLING, CAPITALIZATION,
LINE ENDINGS
Four different ways to parse a message in HTTP/1.1;
in HTTP/2 there's just one code path.
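What the single code path looks like in practice: every HTTP/2 frame starts with the same 9-byte header (RFC 7540, section 4.1), so one bounds-checked routine splits the stream regardless of frame type. This is an added example, not code from the deck; the sample bytes are constructed here.

```python
import struct

# Frame types and SETTINGS identifiers from RFC 7540, sections 6 and 6.5.2.
FRAME_TYPES = {0: "DATA", 1: "HEADERS", 2: "PRIORITY", 3: "RST_STREAM",
               4: "SETTINGS", 5: "PUSH_PROMISE", 6: "PING", 7: "GOAWAY",
               8: "WINDOW_UPDATE", 9: "CONTINUATION"}
SETTINGS_IDS = {1: "HEADER_TABLE_SIZE", 2: "ENABLE_PUSH",
                3: "MAX_CONCURRENT_STREAMS", 4: "INITIAL_WINDOW_SIZE",
                5: "MAX_FRAME_SIZE", 6: "MAX_HEADER_LIST_SIZE"}
HEADER_LEN = 9
DEFAULT_MAX_FRAME_SIZE = 16384  # initial value of SETTINGS_MAX_FRAME_SIZE


class FrameError(ValueError):
    """Raised when the byte stream violates the framing rules."""


def build_frame(ftype, flags, stream_id, payload=b""):
    """Serialize one frame: 24-bit length, type, flags, R bit + 31-bit stream id."""
    n = len(payload)
    return struct.pack(">BHBBI", n >> 16, n & 0xFFFF, ftype, flags, stream_id) + payload


def parse_frames(buf, max_frame_size=DEFAULT_MAX_FRAME_SIZE):
    """Split bytes into frames, rejecting truncated or oversized input."""
    frames, offset = [], 0
    while offset < len(buf):
        if len(buf) - offset < HEADER_LEN:
            raise FrameError("truncated frame header")
        hi, lo, ftype, flags, stream = struct.unpack_from(">BHBBI", buf, offset)
        length = (hi << 16) | lo
        # Check the declared length before trusting it for any slicing.
        if length > max_frame_size:
            raise FrameError("frame of %d bytes exceeds limit %d"
                             % (length, max_frame_size))
        end = offset + HEADER_LEN + length
        if end > len(buf):
            raise FrameError("truncated frame payload")
        stream_id = stream & 0x7FFFFFFF  # the reserved high bit is ignored
        name = FRAME_TYPES.get(ftype, "UNKNOWN(0x%02x)" % ftype)
        if name == "SETTINGS" and stream_id != 0:
            raise FrameError("SETTINGS must be sent on stream 0")
        frames.append({"type": name, "flags": flags, "stream_id": stream_id,
                       "payload": bytes(buf[offset + HEADER_LEN:end])})
        offset = end
    return frames


def parse_settings(payload):
    """Decode a SETTINGS payload: repeated 16-bit identifier, 32-bit value."""
    if len(payload) % 6:
        raise FrameError("SETTINGS payload is not a multiple of 6 bytes")
    out = {}
    for ident, value in struct.iter_unpack(">HI", payload):
        out[SETTINGS_IDS.get(ident, "UNKNOWN(0x%04x)" % ident)] = value
    return out


# Constructed sample: a SETTINGS frame, then two HEADERS frames that open
# streams 1 and 3 on the same connection (flags 0x5 = END_STREAM | END_HEADERS).
# The HEADERS payloads are short HPACK blocks, opaque at this layer.
SAMPLE = (
    build_frame(4, 0x0, 0, struct.pack(">HIHI", 3, 100, 4, 65535))
    + build_frame(1, 0x5, 1, bytes([0x82, 0x86, 0x84]))
    + build_frame(1, 0x5, 3, bytes([0x82, 0x86, 0x85]))
)

if __name__ == "__main__":
    for frame in parse_frames(SAMPLE):
        print(frame["type"], "stream", frame["stream_id"],
              "flags 0x%02x" % frame["flags"], len(frame["payload"]), "bytes")
```

The length and stream checks run before any payload is touched, which is where HTTP/1.1's text parsing had to guess at whitespace, capitalization and line endings.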
SECURITY
SSL & TLS
‣ 13.2% SSL 2.0 - RFC6176 DEFICIENCIES
‣ 42.3% SSL 3.0 - KILLED BY THE POODLE ATTACK
‣ 99.7% TLS 1.0 - BEAST ATTACK
‣ 52.2% TLS 1.1
‣ 58.1% TLS 1.2
HTTP/2 IS USED BY 6.6% OF ALL THE WEBSITES.
ACTION PLAN
HTTP/2
ACTION PLAN
‣ CHECK THE METRICS - HIGH
‣ TLS - HIGH
‣ OK TO HOST?
‣ UPDATE YOUR WEB SERVER
THANK YOU!
REFERENCES
▸ https://http2.github.io
▸ httpwg.org
▸ The Internet Engineering Task Force (IETF®)
▸ HTTP/2 - RFC7540
▸ HPACK - RFC7541
TWITTER: @MATEUSPRADO
HANGOUT: MATEUSH.PRADO@GMAIL.COM

Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

HTTP/2 - How it's changing web performance

  • 1. How it’s changing web performance http/2 Mateus Prado
  • 3. HTTP2 AGENDA ▸ History ▸ HTTP nowadays ▸ Improvements ▸ SPDY and HTTP2 ▸ Security
  • 4. $WHOAMI MATEUS PRADO ▸ Software Developer, architect and systems engineer. ▸ I like software, hardware, cloud computing and airplanes. Web Master - IT Instructor - Software Developer - Systems Engineer - DevOps - Architect
  • 7. HISTORY HYPERTEXT TRANSFER PROTOCOL “The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems.[1] HTTP is the foundation of data communication for the World Wide Web. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext.” - wikipedia.org
  • 9. HTTP/0.9 HTTP/1.0 HTTP/1.1 1991 1996 1999 ‣ Images ‣ POST method ‣ Status Code ‣ Compress, gzip ‣ Text ‣ Request ‣ Response
  • 14. HTTP1.1 HTTP NOWADAYS ‣ IMAGES, FONTS, CSS, JS ‣ 100 REQUEST ‣ MOBILE CONNECTIONS, LATENCY ADDS UP ‣ LARGER HEADERS ‣ X-HEADER
  • 16. Client Server KEEP-ALIVE TCP Connection HEADER Connection: keep-alive Request Response HEADER Connection: keep-alive
  • 20. HTTP1.1 CONNECTIONS ‣ REQUEST AND RESPONSE ON A CONNECTION ‣ MULTIPLE CONNECTIONS TO RENDER PAGE ‣ SCHEDULING AND PRIORITY
  • 21. HTTP1.1 REQUESTS ‣ HTTP CACHING HEADER ‣ HACKS CONTENT
  • 22. HTTP1.1 HTTP CACHING HTTP/1.1 200 OK CACHE-CONTROL: NO-TRANSFORM,PUBLIC,MAX-AGE=300,S-MAXAGE=900 CONTENT-TYPE: TEXT/HTML; CHARSET=UTF-8 DATE: MON, 29 APR 2013 16:38:15 GMT ETAG: "BBEA5DB7E1785119A7F94FDD504C546E" LAST-MODIFIED: SAT, 27 APR 2013 00:44:54 GMT SERVER: AMAZONS3 VARY: ACCEPT-ENCODING X-CACHE: HIT
  • 23. HTTP1.1 HACKS ‣ MINIFY AND COMPRESS ‣ CSS SPRITES ‣ DATA URIS ‣ CSS AND JS TOGETHER
  • 25. Before:
        // The -is- object is used to identify the browser. Every browser edition
        // identifies itself, but there is no standard way of doing it, and some of
        // the identification is deceptive. This is because the authors of web
        // browsers are liars. For example, Microsoft's IE browsers claim to be
        // Mozilla 4. Netscape 6 claims to be version 5.
        var is = {
            ie: navigator.appName == 'Microsoft Internet Explorer',
            java: navigator.javaEnabled(),
            ns: navigator.appName == 'Netscape',
            ua: navigator.userAgent.toLowerCase(),
            version: parseFloat(navigator.appVersion.substr(21)) || parseFloat(navigator.appVersion),
            win: navigator.platform == 'Win32'
        }
        is.mac = is.ua.indexOf('mac') >= 0;
        if (is.ua.indexOf('opera') >= 0) { is.ie = is.ns = false; is.opera = true; }
        if (is.ua.indexOf('gecko') >= 0) { is.ie = is.ns = false; is.gecko = true; }
    After:
        var is={ie:navigator.appName=='Microsoft Internet Explorer',java:navigator.javaEnabled(),ns:navigator.appName=='Netscape',ua:navigator.userAgent.toLowerCase(),version:parseFloat(navigator.appVersion.substr(21))||parseFloat(navigator.appVersion),win:navigator.platform=='Win32'}
        is.mac=is.ua.indexOf('mac')>=0;if(is.ua.indexOf('opera')>=0){is.ie=is.ns=false;is.opera=true;}
        if(is.ua.indexOf('gecko')>=0){is.ie=is.ns=false;is.gecko=true;}
  • 27. REQUEST: GET /encrypted-area HTTP/1.1 Host: www.example.com Accept-Encoding: gzip, deflate RESPONSE: HTTP/1.1 200 OK Date: Mon, 29 Feb 2016 22:38:34 GMT Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip
  • 29. .facebook-ico, .plus-ico, .user-ico, … { background-image: url('../images/icons.png'); background-repeat: no-repeat; } .facebook-ico { height: 128px; background-position: -5px -5px; } .user-ico { height: 135px; background-position: -5px -143px; } .cms-ico { height: 147px; background-position: -5px -288px; } ...
  • 31. data:[<MIME-type>][;charset=<encoding>][;base64],<data> <img width="64" height="69" alt="Treehouse Logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABFCAYAAAD6pOBtAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3gMbBwwfAKopzQAAEfdJREFUeNrVW3uUHFWZ...">
  • 32. HTTP1.1 LOAD FASTER ‣ PUT STYLESHEETS AT THE TOP ‣ PUT SCRIPTS AT THE BOTTOM
  • 34. <html> <head> <link rel="stylesheet" type="text/css" href="mystyle.css"> </head> <body> </body> </html>
  • 37. <html> <head> <link rel="stylesheet" type="text/css" href="mystyle.css"> </head> <body> </body> <script src="myscripts.js" defer></script> </html>
  • 39. 2009-2015 SPDY DISCONTINUED “SPDY (pronounced speedy)[1] is an open networking protocol developed primarily at Google for transporting web content.[1] SPDY manipulates HTTP traffic, with particular goals of reducing web page load latency and improving web security. SPDY achieves reduced latency through compression, multiplexing, and prioritization,[1] although this depends on a combination of network and website deployment conditions. [2][3][4] The name "SPDY" is a trademark[5] of Google and is not an acronym.[6]” - wikipedia.org
  • 40. HTTP/2 HOW DOES IT AFFECT USERS? ‣ PERFORMANCE ‣ SECURITY*
  • 42. LATENCY NETWORK AND SERVER RESOURCE USAGE
  • 45. REQUEST EXAMPLE HTTP/1.1 GET / HTTP/1.1 Host: www.saraiva.com.br Accept: text/html Accept-Encoding: gzip User-Agent: Mozilla/5.0 (Macintosh; Cache-Control: max-age=0 GET /assets/style.css HTTP/1.1 Host: www.saraiva.com.br Accept: text/html Accept-Encoding: gzip User-Agent: Mozilla/5.0 (Macintosh; Cache-Control: max-age=0
  • 46. HPACK HTTP/2 :method: GET :scheme: http :host: www.saraiva.com.br :path: /index.html accept-encoding: gzip user-agent: Mozilla/5.0 (Macintosh; cache-control: max-age=0 :path: /assets/style.css :path: /images/saraiva-logo.png :host: cdn.saraiva.com.br :path: /beacon/track.jpeg :host: beacon.saraiva.com.br cache-control: private, max-age=0, no-cache
  • 47. HPACK
  • 49. Client Server SERVER PUSH index.html TCP Connection index.html style.css application.js logo.svg
  • 51. <head><script async="true" type="text/javascript" src="http://widget.criteo.com/event?a=14416&amp;v=3.6.1&amp;p0=e%3Dce%26m%3D%255Bmateus %252540mateusprado.com%255D%26h%3Dnone&amp;p1=e%3Dexd%26site_type%3Dd&amp;p2=e%3Dvh&amp;p3=e%3Ddis&amp;adce=1" data-owner="criteo-tag"></script> <title>Saraiva.com.br: Livros, Tablets, Blu-Ray, Eletrônicos, Notebooks, Smartphones e mais.</title> <script>window.chaordic_meta = {"page":{"name":"home","timestamp":new Date()}}</script> <script async="" defer="" src="//static.chaordicsystems.com/static/loader.js" data-initialize="false" data-apikey="saraiva-v5"></script> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/styles.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/footer.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/responsive.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/css/medias_queries.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/default/onsale/css/onsale_label.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/saraiva/apptha-reviews/css/amazereviews.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/base/default/saraiva/jplayer/main.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" href="http://www.saraiva.com.br/skin/frontend/saraiva/responsive/css/structure/menu.css?cache=MjAxNjAyMTE=" media="all"> <link rel="stylesheet" type="text/css" 
href="http://www.saraiva.com.br/skin/frontend/base/default/saraiva/swiper/idangerous.swiper.css?cache=MjAxNjAyMTE=" media="all"> <script type="text/javascript" src="http://www.saraiva.com.br/js/prototype/prototype.js?cache=MjAxNjAyMTE="></script> <script type="text/javascript" src="http://www.saraiva.com.br/js/prototype/validation.js?cache=MjAxNjAyMTE="></script> <script type="text/javascript" src="http://www.saraiva.com.br/js/scriptaculous/effects.js?cache=MjAxNjAyMTE="></script> <script type="text/javascript" src="http://www.saraiva.com.br/js/varien/js.js?cache=MjAxNjAyMTE="></script>
  • 53. HTTP/2 BINARY ‣ MORE EFFICIENT TO PARSE ‣ COMPACT “ON THE WIRE” ‣ LESS ERROR-PRONE ‣ WHITESPACE HANDLING, CAPITALIZATION, LINE ENDINGS
  • 54. Four different ways to parse a message in HTTP/1.1 in HTTP/2 there’s just one code path
  • 57. SECURITY SSL & TLS ‣ 13,2% SSL 2.0 - RFC6176 DEFICIENCIES ‣ 42,3% SSL 3.0 - KILLED BY THE POODLE ATTACK ‣ 99,7% TLS 1.0 - BEAST ATTACK ‣ 52,2% TLS 1.1 ‣ 58.1% TLS 1.2
  • 59. HTTP/2 IS USED BY 6.6% OF ALL THE WEBSITES.
  • 61. ACTION PLAN ‣ CHECK THE METRICS - HIGH ‣ TLS - HIGH ‣ OK TO HOST? ‣ UPDATE YOUR WEB SERVER
  • 63. THANK YOU! REFERENCES ▸ https://http2.github.io ▸ httpwg.org ▸ The Internet Engineering Task Force (IETF®) ▸ HTTP/2 - RFC7540 ▸ HPACK - RFC7541 TWITTER: @MATEUSPRADO HANGOUT: MATEUSH.PRADO@GMAIL.COM
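
The single binary code path from slides 53 and 54, as an added example that is not part of the deck: a Python parser for the fixed 9-octet frame header of RFC 7540, with the length and truncation checks a receiver needs before it touches a payload. The function names and the sample bytes are constructed for illustration.

```python
import struct

# Frame type codes from RFC 7540, section 6.
FRAME_TYPES = {
    0x0: "DATA", 0x1: "HEADERS", 0x2: "PRIORITY", 0x3: "RST_STREAM",
    0x4: "SETTINGS", 0x5: "PUSH_PROMISE", 0x6: "PING", 0x7: "GOAWAY",
    0x8: "WINDOW_UPDATE", 0x9: "CONTINUATION",
}
DEFAULT_MAX_FRAME_SIZE = 16384  # initial SETTINGS_MAX_FRAME_SIZE (2^14)


class FrameError(ValueError):
    """The byte stream is not a well-formed sequence of HTTP/2 frames."""


def parse_frames(buf, max_frame_size=DEFAULT_MAX_FRAME_SIZE):
    """Return (type_name, flags, stream_id, payload) for each frame in buf.

    Header layout: 24-bit length, 8-bit type, 8-bit flags, 1 reserved bit,
    31-bit stream identifier. There is no text to tokenize.
    """
    frames, offset = [], 0
    while offset < len(buf):
        if len(buf) - offset < 9:
            raise FrameError("truncated frame header")
        hi, lo, ftype, flags, stream = struct.unpack_from(">BHBBI", buf, offset)
        length = (hi << 16) | lo
        if length > max_frame_size:  # a real peer answers FRAME_SIZE_ERROR
            raise FrameError("frame exceeds SETTINGS_MAX_FRAME_SIZE")
        start = offset + 9
        if start + length > len(buf):
            raise FrameError("truncated frame payload")
        name = FRAME_TYPES.get(ftype, "UNKNOWN(0x%02x)" % ftype)
        # The reserved high bit of the stream id must be ignored on receipt.
        frames.append((name, flags, stream & 0x7FFFFFFF, buf[start:start + length]))
        offset = start + length
    return frames


def parse_settings(payload):
    """Decode a SETTINGS payload: repeated 16-bit identifier, 32-bit value."""
    if len(payload) % 6:
        raise FrameError("SETTINGS payload is not a multiple of 6 octets")
    return {ident: value for ident, value in struct.iter_unpack(">HI", payload)}


def build_frame(ftype, flags, stream_id, payload=b""):
    """Helper that serializes one frame; used only to build the sample."""
    size = len(payload)
    return struct.pack(">BHBBI", size >> 16, size & 0xFFFF, ftype, flags, stream_id) + payload


# Constructed sample: SETTINGS (max concurrent streams 100, initial window
# 65535), a WINDOW_UPDATE on stream 0, and DATA with END_STREAM on stream 1.
SAMPLE = (
    build_frame(0x4, 0x0, 0, struct.pack(">HIHI", 0x3, 100, 0x4, 65535))
    + build_frame(0x8, 0x0, 0, struct.pack(">I", 1048576))
    + build_frame(0x0, 0x1, 1, b"hello")
)

if __name__ == "__main__":
    for name, flags, stream_id, payload in parse_frames(SAMPLE):
        print(name, hex(flags), stream_id, len(payload))
```
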