Does using HTTPS already include (transparent) content compression or should I still worry about negotiating with the browser whether to compress my Servlet output? If HTTPS already has compression, is it unconditional or does it need to be configured/negotiated/enabled?
Asked
Active
Viewed 3,209 times
2 Answers
4
TLS by default doesn't enable compression, though it (compression) is defined in TLS standard and can be enabled if both parties support it. So it's better to not rely on it and request it on HTTP level.
Eugene Mayevski 'Callback
- 45,135
- 8
- 71
- 121
-
Assuming modern browsers and servers that TLS compression, would it usually be enabled? If so, how? I'd rather set some configuration on my server than add code to do it (especially since TLS compression seems to come for free as part of the encryption). – Thilo Nov 18 '10 at 01:22
-
@Thilo unfortunately I didn't see compression option in modern browsers so I assume that they either use it implicitly or not use at all, and the only way to check is to check the source code of Firefox and server-side ssl modules such as apache and nginx (being one of the most popular ones). – Eugene Mayevski 'Callback Nov 18 '10 at 05:50
2
HTTPS only provides encryption. It does not compress the content. You should still negotiate gzip compression.
James Kovacs
- 11,549
- 40
- 44