Unfortunately, Cloudfare sides with Firefox and Chrome and does not offer Brotli on HTTP, citing old studies of proxies breaking when exposed to Brotli. They are also telling the author to go away in corporate-speak. The author, however, is unsatisfied and asks:
> What is the real (undisclosed to me) reason they won't consider even the possibility of Brotli being enabled for clients who support it? ... I can only conclude there's some agenda here that I'm being kept in the dark about...
In an internal study (in an enterprise level) and assuming this is HTTP/1.1, that some proxies will either cache only brotli and made it inaccesible to gzip-only clients (even when you bothered with Vary, because they're plain broken in that regard) or just barf with it and time-out not only that particular request but crash a proxy.
The problem for large-scale deployment is that there are transparent proxies in Timbuktu (literally) since data is not cheap there, they need to use HTTP proxies to compress that, not to mention dial-up users in the US! (Good luck, Verizon!)
Or is Moonchild suggesting that Cloudflare is specifically trying to damage Pale Moon by not supporting its unique feature of Brotli over HTTP? That seems unlikely, insofar as it would require them to have an opinion one way or the other about a browser that nobody uses.
Sounds to me like they overestimate they own importance to CF a bit.
Maybe there is a limitation in the way their caching works that it cant differentiate between different encodings, and therefore just requests and caches the most commonly supported encoding?
Why would this be different over https? Why isn't https == http + s? When did that break, and why did we let it?
If we don't want doubly-compressed content (for security/superior compression/whatever), surely it should be up to the browser not to request that encoding, rather than baking it in at some other layer?
Brotli and h2 both will break a lot of proxies in the wild, as well as a bunch of web clients. Moonchild/The Palemoon Team do say that the browsers aren't supported by Google/MS/Apple/Moz but the reality is that while those entities do not support those browsers, Cloudflare does.
So from Cloudflare's perspective, the clients they support are likely to break, especially if they might have more middleboxes. Why would they then enable this feature if that is the case?
Moonchild on the other hand seems to want to make a conspiracy out of it.
As I understood, this is about CONTENT ENCODING using brotli - i.e. the http response message body is encoded via brotli. Why would this be any different to any other encoding on its impact on proxies?
Of course, brotli compression for the TRANSPORT is another thing. I appreciate that there may be some (non-transparent) proxies, IDS, etc that may choke - but thats not what the author seems concerned with.
It sounds as if cloudflare have disabled brotli content encoding (but just for http?), and are using brotli compressed transport incompatibilities (if you consider not being able to snoop on TLS an incompatibility) as the reason for doing so. The two are completely different things, no?
