The compression format war of the last decade was won by Gzip. Why do web browsers still support the legacy HTTP Deflate (Zlib) format? It’s time to deprecate it.
Firefox for Android “forgets” to send SameSite=Strict cookies to websites, causing them to log you out and forgot you ever visited them in the past.
Chrome intends to remove support for server push; an underutilized performance feature introduced in HTTP/2. It cites low usage and implementation complexity.
A new HTTP header enables websites to redirect their visitors using the Tor Browser to their more secure Onion site.
The majority of websites don’t compress their favicon files despite an impressive average file size reduction of over 70 %.
Apache’s module for server-driven HTTP content negotiation isn’t suited to make decisions about which pre-compressed resource to serve.
Any HTTP Content-Security-Policy blocks the default <audio>/<video> controls in Safari unless you deliberately make it less secure.
Don’t use Nginx’s merge_slashes option in your HTTP reverse caching proxy setup. Here’s an example of an unintended problem caused by blindly rewriting URLs.
Five implementation problems and gotchas when using Apache’s HTTP caching module. Learn how to keep your HTTPD caching proxy server from messing up.
HTTP 301 redirects are supposed to be permanent. Clients are expected to update links and not request the old address in the future.
Bots and older clients sometimes request /page#fragment URLs over HTTP without stripping away the URL #fragment. Here’s how to recover using redirects.
A quick review of which content delivery networks support RFC 5861’s Stale-While-Revalidate and Stale-If-Error caching directives.
Verify that your CDN or caching proxy supports RFC 5861 asynchronous cache revalidation through the stale-while-revalidate HTTP response directive.
Learn how to set up HTTP Save-Data request-hint aware HTTP/2 server push with Apache HTTPD and Nginx web servers.
Set up faster HTTP redirects by using HTTP/2 server push to send the new location in the same response informing the client about the redirect.
An intermediary HTTP proxy-cache can interfere with how different devices detect whether they’ve got working internet access or not.
Many bug tracking software leak information about your organization’s security problems through HTTP referrer headers.
The new HTTP Save-Data request header can help websites determine the bandwidth constraints of their visitors. Plus, a browser extension for users to adopt it.