Redbean http/2 http/3

[itwars]

Hi, Is there any chance to have those 2 transport protocoles in redbean? Thx, BR

[jart]

We plan to implement them at some point in the future, but don't have any immediate plans yet.

[itwars]

Excellent 👍

[diyism]

Great! If redbean server can support http/2, maybe we can enable chinese users(blocked from internet by GFW) directly visit redbean servers without users installing naiveproxy (https://github.com/klzgrad/naiveproxy which mitigate fingerprinting / traffic classification by traffic multiplexing in HTTP/2)

[jart]

Correct me if I'm wrong, but wouldn't it do the opposite? Modern protocols make it harder for corporations and governments to monitor traffic. One such example is TLS 1.3 with ESNI which has been blocked in the past. Redbean is interested in modern protocols because HTTP/2 and TLS 1.3 eliminate network round trips which improves the latency of your website considerably. Redbean is not designed to help you conceal your online activities.

[diyism]

Yes, GFW blocked ESNI, so the internet is upgrading ESNI to ECH(https://blog.cloudflare.com/encrypted-client-hello/), CCP gov is the "best" QA for the internet bug.

[itwars]

Agreed, according to differents reading and my nginx first tests with nginx-quic : https://hg.nginx.org/nginx-quic/shortlog/quic as quic rely on UDP it's way faster by avoiding TCP handshakes, and so on! My experience working with networks guys teach me that they don't actually understand UDP, so it will fuzz there mind to for a time :)

[diyism]

And for http3/quic, we could add a "send_welcome_udp(peer_ip, peer_port)" API into redbean-lua, so that we can build a mesh network for all home-hosted redbean web servers which are behind NAT.

[diyism]

I found nico reverse proxy (https://github.com/txthinking/nico), it can serve http2(automatically apply for ssl certificate) and forward proxy to http: "nico domain.com http://127.0.0.1:2020" but its size is 6MB, it's relative too big for redbean.

[diyism]

the deb package of haproxy 2.6 is only 1.4MB, and it supports http3, but there's no automatic letsencrypt cert: https://github.com/haproxy/haproxy

[itwars]

Yes I agree there a lot of applications layer we could use to address my needs, anyway it will be lovely to a a simple, all in one user friendly redbean binary :)

[paulwratt]

but there's no automatic letsencrypt cert.

is it possible to add a generic script, that is included when the prj does not have its own?

[itwars]

Hello,

Could you please add also brotli compression? There's some good repo:

• https://github.com/google/brotli
• https://github.com/mcmilk/7-Zip-zstd

Also a good item will be to be able to cache already gzip and brotlied assets.

[diyism]

Too many features are expected, but the most expected by me is the http3, currently I'm using a customized caddy web server with http3 behind NAT,(https://github.com/diyism/caddy) and I added 10 lines of golang codes into this version caddy server to send udp packets to each others to penetrate the NAT and built a mesh network, if Redbean supports http3, I can migrate the mesh network from caddy to redbean.