<div dir="ltr"><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">Hi Maxim,<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)"><br>There is still something I do not get...<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">The <a href="http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_proxied" target="_blank">gzip_proxied</a> default value is set to honor the HTTP/1.0 protocol (which does not have the Vary header and thus is unable to cache different versions of a document) in some proxies.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">However, the <a href="http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_http_version" target="_blank">gzip_http_version</a> default value is set so that only HTTP/1.1 requests are being compressed... Thus with the default setting it is impossible to compress requests advertising HTTP/1.0.<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)"><a href="http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-14#section-2.5" target="_blank">The RFC</a> dictates:<br><pre> Intermediaries that process HTTP messages (i.e., all intermediaries
other than those acting as a tunnel) MUST send their own HTTP-Version
in forwarded messages. In other words, they MUST NOT blindly forward
the first line of an HTTP message without ensuring that the protocol
version matches what the intermediary understands, and is at least
conditionally compliant to, for both the receiving and sending of
messages.</pre><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">'tunnel' is considered different as a 'proxy', as <a href="http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-14#section-2.3" target="_blank">section 2.3</a> indicates:<br><pre> There are three common forms of HTTP
intermediary: proxy, gateway, and tunnel.</pre>Thus, any HTTP/1.0 proxy should be seen with a HTTP/1.0 protocol version header... and thus should naturally get an uncompressed version of the page.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)"><br>Non-compliant proxies can be bogus in thousands of way, so there is no point in trying to satisfy them anyway.<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">In the light of these elements, I am still wondering why the default behavior of the gzip module for HTTP/1.1 requests going through a (HTTP/1.1) proxy is to send a disturbing uncompressed version of the page.<br></div><div class="gmail_extra"><div><div><font size="1"><span style="color:rgb(102,102,102)">---<br></span><b><span style="color:rgb(102,102,102)">B. R.</span></b><span style="color:rgb(102,102,102)"></span></font></div></div>
<br><div class="gmail_quote">On Sun, Mar 22, 2015 at 6:06 PM, Maxim Dounin <span dir="ltr"><<a href="mailto:mdounin@mdounin.ru" target="_blank">mdounin@mdounin.ru</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello!<br>
<span><br>
On Sun, Mar 22, 2015 at 03:14:22PM +0100, B.R. wrote:<br>
<br>
> I do not get why you focus on the gzip_vary directive, while I was<br>
> explicitely talking about gzip_proxied.<br>
> The fact that content supposedly compressed might actually not be because<br>
> it contains a 'Via' header is the root cause of our trouble... and you just<br>
> told me it was for HTTP/1.0 compatibility.<br>
<br>
</span>With HTTP/1.0, there is only one safe option:<br>
<br>
- don't compress anything for proxies.<br>
<br>
With HTTP/1.1, there are two options:<br>
<br>
- don't compress anything for proxies;<br>
<br>
- compress for proxies, but send Vary to avoid incorrect behaviour.<br>
<br>
The second options, which becomes available if you don't care<br>
about HTTP/1.0 compatibility at all, has its downsides I've<br>
talked about.<br>
<div><div><br>
--<br>
Maxim Dounin<br>
<a href="http://nginx.org/" target="_blank">http://nginx.org/</a><br>
<br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</div></div></blockquote></div><br></div></div>