我正在试验SPDY协议,我偶然发现了
a sample of SPDY protocol(可以使用“
attachment”链接下载).

这是我看待它的方式：

>在Wireshark 1.12.2(或更新版本)中打开pcapng文件
>右键单击任何SSL / TLS帧,然后转到协议首选项 – > RSA密钥列表……
>单击新建,然后输入IP地址0.0.0.0,端口443,协议spdy和路径this key file,
>右键单击任何SPDY帧,转到协议首选项 – >解压缩SPDY标头以禁用SPDY标头解压缩
>转到第45帧并观察“SPDY：SYN_STREAM”图层,突出显示“Header Block”后,下面的十六进制转储是可读的

根据SPDY规范,this should be compressed.为什么我能看到这个？有没有办法在SPDY协议中禁用标头压缩？我用错误的方式使用Wireshark吗？

最佳答案 关于规范

你联系的草案说明了这一点：

The entire contents of the name/value header block is compressed using zlib. There is a single zlib stream for all name value pairs in one direction on a connection. SPDY uses a SYNC_FLUSH between each compressed frame.

Implementation notes: the compression engine can be tuned to favor speed or size. Optimizing for size increases memory use and CPU consumption. Because header blocks are generally small, implementors may want to reduce the window-size of the compression engine from the default 15bits (a 32KB window) to more like 11bits (a 2KB window). The exact setting is chosen by the compressor, the decompressor will work with any setting.

它不强制执行任何压缩级别.实际上,您可以使用zlib而不进行压缩,这是zlib格式支持的：

Level 0 actually does no compression at all, and in fact expands the data slightly to produce the zlib format (it is not a byte-for-byte copy of the input).

关于样本

我联系了样本的作者.事实证明他正在使用nginx进行实验.在他提供的文档中,nginx配置如下：

 # SPDY
 server {
     listen       443 ssl spdy;
     server_name  localhost;
     ssl_certificate      cert.pem;
     ssl_certificate_key  key.pem;
     ssl_session_cache    shared:SSL:1m;
     ssl_session_timeout  5m;
     ssl_ciphers  DES-CBC3-SHA;
     ssl_prefer_server_ciphers  on;
     location / {
         root   html;
         index  index.html index.htm;
     }

但是,nginx文档声明必须明确指定标头压缩：

06001

Sets the header compression level. […] The special value 0 turns off the header compression.

这意味着标头压缩很可能不会为实验启用.

我的结论

>是的,您可以在SPDY中禁用标头压缩,但必须保持zlib格式的压缩级别为0
>您正在使用Wireshark.您使用的样本是在压缩级别为0的情况下创建的