Ask Some HTTP/2 Pros The Hard Questions

Published on by Elenitsa Staykova.

We're big fans of HTTP/2 and our customers make up the majority of HTTP/2 enabled domains today. HTTP/2 is a key part of the modern web, and its growth and adoption is changing how websites and applications are built. On Thursday July 21, 2016, join web performance experts Ilya Grigorik (Web Performance Engineer at Google) and Suzanne Aldrich (Solutions Engineer at CloudFlare), as they discuss…

CloudFlare sites protected from httpoxy

Published on by Ben Cartwright-Cox.

CC BY 2.0 image by Joe Seggiola We have rolled out automatic protection for all customers for the the newly announced vulnerability called httpoxy. This vulnerability affects applications that use “classic” CGI execution models, and could lead to API token disclosure of the services that your application may talk to. By default httpoxy requests are modified to be harmless and then request is allowed through, however customers…

More data, more data

Published on by Hunter Blanks.

"multas per gentes et multa per aequora" The life of a request to CloudFlare begins and ends at the edge. But the afterlife! Like Catullus to Bithynia, the log generated by an HTTP request or a DNS query has much, much further to go. This post comes from CloudFlare's Data Team. It reports the state of processing these sort of edge logs, including what's worked well for us…

Why we use the Linux kernel's TCP stack

Published on by Marek Majkowski.

A recent blog post posed the question Why do we use the Linux kernel's TCP stack?. It triggered a very interesting discussion on Hacker News. I've also thought about this question while working at CloudFlare. My experience mostly comes from working with thousands of production machines here and I can try to answer the question from that perspective. CC BY 2.0 image by John Vetterli Let's start…

HTTP/2 Server Push with multiple assets per Link header

Published on by John Graham-Cumming.

In April we announced that we had added experimental support for HTTP/2 Server Push to all CloudFlare web sites. We did this so that our customers could iterate on this new functionality. CC BY 2.0 image by https://www.flickr.com/photos/mryipyop/ Our implementation of Server Push made use of the HTTP Link header as detailed in W3C Preload Working Draft. We also showed how…