Supporting the transition to IPv6-only networking services for iOS

Published on by Dragos Bogdan.

Early last month Apple announced that all apps submitted to the Apple Store June 1 forward would need to support IPv6-only networking as they transition to IPv6-only network services in iOS 9. Apple reports that “Most apps will not require any changes”, as these existing apps support IPv6 through Apple's NSURLSession and CFNetwork APIs. Our goal with IPv6, and any other emerging networking technology, is to make it…

The Sleepy User Agent

Published on by John Graham-Cumming.

From time to time a customer writes in and asks about certain requests that have been blocked by the CloudFlare WAF. Recently, a customer couldn’t understand why it appeared that some simple GET requests for their homepage were listed as blocked in WAF analytics. A sample request looked liked this: GET / HTTP/1.1 Host: www.example.com Connection: keep-alive Accept: text/html,application/xhtml+xml,application/…

Using HTTP/2 Server Push with PHP

Published on by John Graham-Cumming.

Two weeks ago CloudFlare announced that it was supporting HTTP/2 Server Push for all our customers. By simply adding a Link header to an HTTP response specifying preload CloudFlare would automatically push items to web browsers that support Server Push. To illustrate how easy this is I create a small PHP page that uses the PHP header function to insert appropriate Link headers to push images to…

Open sourcing our NGINX HTTP/2 + SPDY code

Published on by John Graham-Cumming.

In December, we released HTTP/2 support for all customers and on April 28 we released HTTP/2 Server Push support as well. The release of HTTP/2 by CloudFlare had a huge impact on the number of sites supporting and using the protocol. Today, 50% of sites that use HTTP/2 are served via CloudFlare. CC BY 2.0 image by JD Hancock When we released HTTP/…

How we built Origin CA: Web Crypto

Published on by Nick Sullivan.

At CloudFlare we strive to combine features that are simple, secure, and backed by solid technology. The Origin CA is a great example of this. You no longer need to go to a third-party certificate authority to protect the connection between CloudFlare and your origin server. You can now get a certificate to encrypt the connection between CloudFlare and the origin from CloudFlare directly with one click. In…