Skip to content

Latest commit

 

History

History
59 lines (39 loc) · 2.03 KB

http3.md

File metadata and controls

59 lines (39 loc) · 2.03 KB

HTTP/3

This feature is marked experimental as of this time and needs to be explicitly enabled in the build to function.

Drafts, not standard

As of January 2022, the HTTP/3 protocol has not yet been finalized. Everything and everyone that speaks HTTP/3 at this point does it with the knowledge and awareness that it might change going forward.

QUIC

HTTP/3 is the HTTP version that is designed to communicate over QUIC. QUIC can for all particular purposes to be considered as a TCP+TLS replacement.

All requests that do HTTP/3 will therefore not use TCP. They will use QUIC. QUIC is a reliable transport protocol built over UDP. HTTP/3 implies use of QUIC.

HTTPS only

HTTP/3 is performed over QUIC which is always using TLS, so HTTP/3 is by definition always encrypted and secure. Therefore, curl only uses HTTP/3 for HTTPS:// URLs.

Enable

As a shortcut straight to HTTP/3, to make curl attempt a QUIC connect directly to the given host name and port number, use --http3. Like this:

curl --http3 https://example.com/

Normally, without the --http3 option, an HTTPS:// URL implies that a client needs to connect to it using TCP (and TLS).

Alt-svc:

The alt-svc method of changing to HTTP/3 is the official way to bootstrap into HTTP/3 for a server.

Note that you need that feature built-in and that it does not switch to HTTP/3 for the current request unless the alt-svc cache is already populated, but it will rather store the info for use in the next request to the host.

When QUIC is denied

A certain amount of QUIC connection attempts will fail, partly because many networks and hosts block or throttle the traffic.

Currently, curl features no fall-back logic but if an HTTP/3 (or QUIC rather) connection fails it will be reported as, yes, a failure.

Web browsers will upgrade to HTTP/3 in the background and only switch over once they know it works, which is a smoother way that does not break things for users as much.

Future curl versions will likely offer better fall-back and error handling for this.