ui5-tooling icon indicating copy to clipboard operation
ui5-tooling copied to clipboard
verified publisher icon SAP

Use native http2 instead of spdy

Open matz3 opened this issue 7 years ago • 5 comments

Problem

The SPDY module is outdated and not compatible with Node v24 and later.

Expected Behavior

Native HTTP/2 protocol from Node.js is used.

Current Behavior

SPDY protocol is used for HTTP/2 server.

Details

This currently depends on the native HTTP/2 of express as it's used as the underlaying framework for our server: https://github.com/expressjs/express/pull/3730

However we might also switch to a different framework such as fastify, which supports native HTTP/2 and out of the box provides an asynchronous middleware engine compatible with Express and Restify middlewares (https://github.com/fastify/fastify/blob/master/docs/Middlewares.md) so we wouldn't need to re-write our existing middlewares.

matz3 avatar Nov 13 '18 12:11 matz3

Hey, @matz3 , what's the current status here? We are approaching the EOL for v22 and it seems that Express haven't made much progress on their side. This is definitely a show-stopper in many projects I'm running currently (and would like to have up-to-date before the end of the year).

Let me know how I can support.

Cheers, Henrique

henriquemattos avatar Sep 26 '25 17:09 henriquemattos

Hi @henriquemattos, thanks a lot for your comment. It's definitely a gap we wanna solve with the next major version of UI5 CLI. I have added this topic already to the roadmap for v5 https://github.com/UI5/cli/issues/976.

Could you share the scenario with us why you have to use HTTPS for local development? In case, you can't share this here publicly, feel free to send me an email [email protected]. We are currently collecting use cases in which scenarios this feature is helpful and we are looking forward to get feedback from many stakeholder as possible.

flovogt avatar Sep 29 '25 07:09 flovogt

Hi, @flovogt . I’m seeing this thread after I replied on the PR.

Currently, Firefox has strict use of HTTPS even for localhost, and since I ensure my backend API has SSL enabled via HTTPD, I would like to have the environment streamlined. In production I use AWS CloudFront to cache and proxy the frontend to S3 or to EC2.

As mentioned in the PR’s comment, I see HTTP/2 as “nice-to-have” in development, even because on AWS we are serving HTTP/3 since 2022. But SSL is part of the infrastructure and workflow, therefore I would need to keep it on the UI’s dev env.

I’m not sure if CLI should/must split SSL and H2, but currently this is a bug affecting Node v24 with a very simple solution to fix it. I guess the question should be the opposite direction: why do we need HTTP/2 in development. 🤓

Kind regards Henrique

henriquemattos avatar Sep 29 '25 11:09 henriquemattos

Thanks a lot for sharing your scenario. I got your point.

We will discuss this topic in the team and I will update the issue after we have decided the way forward.

Personal Note: I could imagine to offer a new CLI argument in UI5 CLI v4 e.g. --https to enforce the HTTPS usage by using the built-in HTTPS option by Node.js you have used. Using the --h2 option to enforce HTTPS but not HTTP/2 might be confusing.

flovogt avatar Sep 30 '25 05:09 flovogt

(SAP internal): This request is tracked via CPOUI5FOUNDATION-1132.

flovogt avatar Sep 30 '25 05:09 flovogt