HTTP/2: What you'll need to brace for
With every major change comes major breakage. HTTP/2 is no exception, and most everyone in IT will be affected by the shift. What's more, existing issues with site designs may be exacerbated by deploying HTTP/2. In other words, the Web is bound to get worse before it gets better.
Here are the major issues to consider in the run-up to HTTP/2.
Dev folks will need to upgrade their network inspection and management tools. The decision to make HTTP/2 a binary protocol goes beyond avoiding text-based exploits. Binary protocols, according to the HTTP/2 FAQ, are "more efficient to parse, more compact 'on the wire', and most importantly, they are much less error-prone compared to textual protocols like HTTP/1.x."
Many old-school gurus are upset about this decision because it won't let them pull some of the nifty debugging tricks they so enjoy. With HTTP/1.x, one could fire up a terminal window, manually initiate a connection to a remote site, and inspect the results in plaintext.
Not with HTTP/2 -- for that, you need a tool that can support the binary-mode connections used by the protocol. Plain-text debugging is out the window. That said, many of the common tools used to debug HTTP connections and networks generally are getting HTTP/2 support in short order. It's simply a question of when.
Web designers will need to undo optimization hacks. This is both good news and bad news. Good news: Designers no longer have to bother with acceleration tricks, like CSS sprites, freeing them to concentrate on crafting a good-looking front end.
The bad news is that optimizations already deployed on sites set to receive HTTP/2 traffic will have to be undone. Under HTTP/2, such optimizations hurt performance, not help it. The creators of the H2O Web server have noted "the overhead of transmitting all the images/CSS styles used by the website at once while only some of them is needed to render a specific page [a/k/a 'spriting'], becomes a bad idea." Likewise, HTML Working Group member Matt Wilcox asserts, "The best practices of HTTP/1 are harmful in an HTTP/2 world."
Given how widespread those practices are, it won't be trivial to roll them back.
Ops people will need to upgrade their Web servers. Web servers will need to be upgraded to support HTTP/2. Support for HTTP/2 is still in its infancy, and each major HTTP server is doing so on its own schedule.
Nginx already supports the HTTP/2 precursor SPDY and is planning to add formal support for HTTP/2 by the end of 2015. Microsoft's IIS is set to support HTTP/2 in its next release, bundled with Windows 10 and, one presumes, the next iteration of Windows Server. Google donated its SPDY code to the Apache Foundation, which plans to make SPDY part of Apache HTTPD 2.4, thereby paving the way for HTTP/2 down the line.
Sign up for CIO Asia eNewsletters.