SPDY

SPDY (pronounced "speedy") is an obsolete open-specification communication protocol developed for transporting web content. SPDY became the basis for HTTP/2 specification. However, HTTP/2 diverged from SPDY and eventually HTTP/2 subsumed all usecases of SPDY. After HTTP/2 was ratified as a standard, major implementers, including Google, Mozilla, and Apple, deprecated SPDY in favor of HTTP/2. Since 2021, no modern browser supports SPDY.

Google announced SPDY in late 2009 and deployed in 2010. SPDY manipulates HTTP traffic, with particular goals of reducing web page load latency and improving web security. SPDY achieves reduced latency through compression, multiplexing, and prioritization, although this depends on a combination of network and website deployment conditions. The name "SPDY" is not an acronym.

History
HTTP/2 was first discussed when it became apparent that SPDY was gaining traction with implementers (like Mozilla and nginx), and was showing significant improvements over HTTP/1.x. After a call for proposals and a selection process, SPDY was chosen as the basis for HTTP/2. Since then, there have been a number of changes, based on discussion in the Working Group and feedback from implementers.

, the group developing SPDY stated publicly that it was working toward standardisation (available as an Internet Draft). The first draft of HTTP/2 used SPDY as the working base for its specification draft and editing. The IETF working group for HTTPbis has released the draft of HTTP/2. SPDY (draft-mbelshe-httpbis-spdy-00) was chosen as the starting point.

Throughout the process, the core developers of SPDY have been involved in the development of HTTP/2, including both Mike Belshe and Roberto Peon.

Chromium, Mozilla Firefox, Opera, Amazon Silk, Internet Explorer, and Safari expressed support for SPDY at the time.

In February 2015, Google announced that following ratification of the HTTP/2 standard, support for SPDY would be deprecated, and that support for SPDY would be withdrawn. On May 15, 2015, HTTP/2 was officially ratified as.

On February 11, 2016, Google announced that Chrome would no longer support SPDY after May 15, 2016, the one-year anniversary of which standardized HTTP/2.

On January 25, 2019, Apple announced that SPDY would be deprecated in favor of HTTP/2, and would be removed in future releases.

Google removed SPDY support in Google Chrome 51 which was released in 2016. Mozilla removed it in Firefox 50. Apple has deprecated the technology in macOS 10.14.4 and iOS 12.2.

Protocol versions
SPDY is a versioned protocol. SPDY control frames contain 15 dedicated bits to indicate the version of protocol used for the current session.


 * Version 1: version 1 of the SPDY protocol is not used anymore.
 * Version 2: soon to be discontinued. Nginx supports SPDY/2 in versions prior to 1.5.10. Firefox 28 and recent versions of Chrome drop support for it. OpenLiteSpeed 1.1 and up support SPDY/2.
 * Version 3: SPDY v3 introduced support for flow control, updated the compression dictionary, and removed wasted space from certain frames, along with other minor bug fixes. Firefox supports SPDY v3 in Firefox 15. OpenLiteSpeed 1.1 and up support SPDY/3.
 * Version 3.1: SPDY v3.1 introduced support for session-layer flow control, and removed the CREDENTIALS frame (and associated error codes). Firefox 27 has added SPDY 3.1 support. OpenLiteSpeed 1.2.7 introduces SPDY/3.1 support. Nginx 1.5.10 supports SPDY/3.1. F5 BIGIP 11.6 supports SPDY/3.1.
 * Version 4.0: SPDY v4 alpha3 is more closely aligned with the HTTP/2 draft; it has a new stream flow control and error codes unified with the HTTP/2 draft.

Design
The goal of SPDY is to reduce web page load time. This is achieved by prioritizing and multiplexing the transfer of web page subresources so that only one connection per client is required. TLS encryption is nearly ubiquitous in SPDY implementations, and transmission headers are gzip- or DEFLATE-compressed by design (in contrast to HTTP, where the headers are sent as human-readable text). Moreover, servers may hint or even push content instead of awaiting individual requests for each resource of a web page.

SPDY requires the use of SSL/TLS (with TLS extension ALPN) for security but it also supports operation over plain TCP. The requirement for SSL is for security and to avoid incompatibility when communication is across a proxy.

Relation to HTTP
SPDY does not replace HTTP; it modifies the way HTTP requests and responses are sent over the wire. This means that all existing server-side applications can be used without modification if a SPDY-compatible translation layer is put in place.

SPDY is effectively a tunnel for the HTTP and HTTPS protocols. When sent over SPDY, HTTP requests are processed, tokenized, simplified and compressed. For example, each SPDY endpoint keeps track of which headers have been sent in past requests and can avoid resending the headers that have not changed; those that must be sent are compressed.

Protocol support
For use within HTTPS, SPDY requires the TLS extension Next Protocol Negotiation (NPN) or Application-Layer Protocol Negotiation (ALPN) thus browser and server support depends on the HTTPS library.

OpenSSL 1.0.1 or greater introduces NPN. Patches to add NPN support have also been written for NSS and TLSLite.

Security Support Provider Interface (SSPI) from Microsoft have not implemented the NPN extension to its TLS implementation. This has prevented SPDY inclusion in the latest .NET Framework versions. Since SPDY specification is being refined and HTTP/2 is expected to include SPDY implementation one could expect Microsoft to release support after HTTP/2 is finalized.

Client (browser) support and usage

 * Google Chrome/Chromium. SPDY sessions in Chrome can be inspected via the URI:  . There is a command-line switch for Google Chrome  which enables an early, experimental implementation of WebSocket over SPDY. SPDY protocol functionality can be (de)activated by toggling "Enable SPDY/4" setting on local   page. Chromium is expected to remove support for SPDY and Next Protocol Negotiation in early 2016, in favor of HTTP/2 and ALPN. Starting with version 40.x in Feb 2015 Chrome has already dropped support for SPDY/3 and only supports SPDY/3.1 going forward. This has caused Apache websites to be without SPDY support when visited from Google Chrome.
 * Firefox supports SPDY 2 from version 11, and default-enabled since 13 and later. (Also SeaMonkey version 2.8+.) SPDY protocol functionality can be (de)activated by toggling the variable in  . Firefox 15 added support for SPDY 3. Firefox 27 has added SPDY 3.1 support. Firefox 28 has removed support of SPDY 2.   (or the HTTP/2 and SPDY indicator add-on) shows if a website uses SPDY.
 * Opera browser added support for SPDY as of version 12.10.
 * Internet Explorer 11 added support for SPDY version 3, but not for the Windows 7 version. A problem experienced by some users of Windows 8.1 and Internet Explorer 11 is that on initial loading, Google says "Page not found" but on reloading, it is fine. One fix for this is to disable SPDY/3 in Internet Options > Advanced. After version 11, IE will drop the support of SPDY, as it will adopt HTTP/2.
 * Amazon's Silk browser for the Kindle Fire uses the SPDY protocol to communicate with their EC2 service for Web pages rendering.
 * Safari 8 and third-party applications in OS X 10.10 and iOS 8 adds support for SPDY 2, 3 and 3.1.

Server support and usage
, approximately 0.1% of all websites support SPDY, in part due to transition to HTTP/2. In 2016, NGINX and Apache were the major providers of SPDY traffic. In 2015, NGINX 1.9.5 dropped SPDY support in favor of HTTP/2.

Some Google services (e.g. Google Search, Gmail, and other SSL-enabled services) use SPDY when available. Google's ads are also served from SPDY-enabled servers.

A brief history of SPDY support amongst major web players:


 * In November 2009, Google announced SPDY as an internal project to increase the speed of the web.
 * In September 2010, Google released SPDY in Chrome 6 on all platforms.
 * In January 2011, Google deployed SPDY across all Google services.
 * In March 2012, Twitter enabled SPDY on its servers, at the time making it the second largest site known to deploy SPDY.
 * In March 2012, the open source Jetty Web Server announced support for SPDY in version 7.6.2 and 8.1.2, while other open source projects were working on implementing support for SPDY, including Node.js, Apache (mod_spdy), curl, and Nginx.
 * In April 2012 Google started providing SPDY packages for Apache servers which led some smaller websites to provide SPDY support.
 * In May 2012 F5 Networks announced support for SPDY in its BIG-IP application delivery controllers.
 * In June 2012 Nginx open source web server announced support for SPDY.
 * In July 2012 Facebook announced implementation plans for SPDY. By March 2013 SPDY was implemented by some of their public web servers.
 * In August 2012 WordPress.com announced support for SPDY (using Nginx) across all their hosted blogs.
 * In June 2013, LiteSpeed Technologies announced support for SPDY/2 and SPDY/3 on OpenLiteSpeed, their open source HTTP server. Support for SPDY/3.1 was announced November 2013.
 * In January 2014, Synology announced SPDY is included in the new DSM 5.0.
 * In February 2014, CloudFlare using nginx announced automatic support for SPDY v3.1 for all customers with SSL/TLS certificates.
 * In May 2014, MaxCDN using nginx announced support for SPDY v3.1 via customers' Pull Zone settings and their API.
 * In October 2014, Yahoo shows support of SPDY on the Yahoo Homepage — www.yahoo.com
 * In September 2015, the latest version of the Nginx web server dropped SPDY support in favour of HTTP/2
 * In May 2016, CloudFlare releases patches to Nginx web server, the patches supports HTTP/2 and SPDY simultaneously.

According to W3Techs,, most SPDY-enabled websites use nginx, with the LiteSpeed web server coming second.