-
Okay, maybe it's natively supported but only H2 and not H2C. So to enforce HTTP/2 in Vaultwarden upstream, one likely has to configure TLS certificates in Rocket itself. https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS#via-rocket
-
This is literally the same as #6175.
-
Based on the latest research by PortSwigger and James Kettle, HTTP/1.1 is inherently insecure and must die. As an alternative, one must support HTTP/2 via TLS (often called h2) or HTTP/2 via unencrypted HTTP (often called h2c).
This must be enabled on the reverse proxy (frontend) as well as on all backend services (upstream).
https://http1mustdie.com/
It seems that Vaultwarden does not yet support HTTP/2.
IIRC, Vaultwarden uses Rocket as the underlying web server. Any possibility to enable HTTP/2 for Rocket? It seems it is supported: https://users.rust-lang.org/t/does-rocket-support-http-2/48165/2