The Internet Engineering Task Force has just reached a consensus and finished finalising the next major update, to the HTTP standard that we all use every day. The specification builds upon and is an alternative to, but does not obsolete, the HTTP/1.1 standard that was first introduced in 1999, that we currently use whenever we access web services.
HTTP has obviously, until now, been a little neglected and as such has not been keeping pace with the internet's enhancements over the last 15 years. For instance, to load an average webpage on 5 years ago back in 2010, usually took around 70 requests from your browser to the web server and the total size of the transfer was around 700kB. Now it's a very different story, with browsers sometimes performing 100 or more requests per page load and transferring around 2000kB of data as a result.
There are several major changes in HTTP/2 from HTTP/1.1, firstly it is now binary rather than textual (human readable) so it is a lot more efficient, this also means that there is no transfer-encoding and as such there should be no parsing issues, or at least none related to encoding/decoding. Secondly it allows messages to be sent from the server to the client and vice versa, without confirmation of receipt (much like UDP) and as such, allows a single connection to be used for multiple requests, previously a browser could have opened as many as 30 different connections to a server, to allow to it request all of the required elements of the page and if one of these got delayed, it would delay the loading of the whole page.
The new protocol also uses header compression (HPACK) to reduce overhead, as sometimes HTTP/1.1 headers can almost be as large as the compressed content that they were carrying, this will dramatically reduce the size of HTTP headers. From a security point of view HTTP/2 defines a profile of TLS (Transport Layer Security) that can be used to make the connection secure, but it can also be used without TLS, using regular TCP connections. Many implementations though, are only supporting the TLS profile currently, making TLS the standard for all connections using them.
Finally HTTP/2 allows the server to actively push content to the client/browser cache, this means that if the browser is processing content leaving the connection idle, the server can go ahead and push what it thinks the browser will request next before the browser even requests it. This will be most useful for video streaming and preloading content that might be requested next, such as the next page in a multi-page article so that it loads instantly when requested.
While HTTP/1.1 will still be with us for a long time yet, it is likely that a lot of the web will move to HTTP/2 over the next few years due to the improvements it contains. There are also a lot of services we use that currently depend on HTTP/1.1 so trying to get rid of it completely in your browser would likely break large parts of the internet for you. Some level of HTTP/2 support is currently available in the latest dev versions of Firefox, IE and Chrome for testing, but for the most part you can just wait until normal version are updated, as it will take a while for web servers and sites to start supporting the final version of HTTP/2 and until then there isn't much point in testing it unless you are a really eager web developer.
If you have any other questions about HTTP/2 be sure to check out the Internet Engineering Task Force's HTTP/2 FAQ over on Github.
Discuss on our Facebook page, HERE.
KitGuru Says: It will take a while to become widely supported on both browser and server sides, but HTTP/2 is a much-needed and excellent improvement to what is mostly, an unseen fabric of the web as we use it today. Eventually we will see HTTP/3 as well, but this is still just a sparkle in the eyes of the Internet Engineering Task Force at the moment. Are you looking forward to using HTTP/2, do you think you will even notice it?
Source: ArsTechnica, IETF HTTP WG
We need to wait at least 5 months for this to be useful…