Security is no excuse for slowness. With the SPDY protocol your secure HTTPS traffic transfers faster.
What is SPDY?
You have probably heard of HTTP. HTTP is the protocol that delivers unsecured content on the web. This is fine for most sites since most don’t take in sensitive material like credit card data, social security numbers, etc. Sites that do must get an SSL certificate and transfer their content over HTTPS. The encryption process adds a slight delay to page load time. That’s the way the web has worked for nearly 20 years.
A faster web is more enjoyable for everyone. This is why short load time helps improve SEO. In 2009 Google introduced SPDY (pronounced SPeeDY) as part of their Make the Web Faster initiative. They outlined a few issues with HTTP that slow down the web.
- The little messages that browsers and servers send to each other — called HTTP request and response headers — are not compressed.
- Browsers can only handle a few concurrent file requests on each domain.
- Processing of file requests happens like a single check-out lane at a super market. They process them first-in, first-out. You cannot prioritize content. A delay in processing one file will delay the next file from starting.
- Sometimes a server knows that a browser will request a file. The server must wait for the browser to issue the request instead of immediately push the file to the browser ahead of time. This differs from preloading or prefetching because they are a hint to the next resources a user may request, while a server push is definitive.
The new SPDY protocol addresses these topics, but it can only do so with the extra processing required for a HTTPS connection. Luckily, it does this seamlessly. A server that supports SPDY will fall back to HTTPS if the browser does not support SPDY.
What Browsers Support SPDY?
|Support||Do Not Support|
As you can see, the biggest hold out is Apple. Apple has refused to support or even comment on SPDY. There is speculation that Apple may wait for HTTP/2.0 (which is basically just SPDY) to become a standard. Conspiracy theorists say that Apple does not want to support anything major like a protocol when Google holds a trademark on the name. That sounds like a stretch to me, but then again Apple is the company that started to get patent on touch events on mobile browsers as the web standards body began to formalize a standard around them.
Microsoft only supports SPDY in the most recent version of their web browser on their most recent operating system. IE on Windows Phone 8 is form of IE 10 which did not support SPDY. Presumably IE on Windows Phone 8.1 will support SPDY. While I can understand why they do not, I really wish they supported it on Windows 7. Hopefully they will support it in IE 12.
You can always check the very appropriately named Is the SPDY protocol enabled website if you’re curious to see if your browser supports SPDY. You can check a website with the SPDYCheck site. If you’re one of our clients and your site has an SSL then your site supports SPDY. SPDY support was one of the speed improvements we were making that I hinted at a few months back. Currently we have not forced any sites to encrypt every page, but may do so in the future. If you’re site has an SSL and you’d like to encrypt everything please contact us and let us know.
Known Issues with SPDY
SPDY is a great start for speeding up your site. It is definitely worth it if your site already delivers content over HTTPS. But there are a few limitations you need to know:
- No speed improvements for HTTP connections.
- Using multiple domains to speed up non-SPDY connections creates an unnecessary delay. Updating software to detect if SPDY is available adds complexity. This issue is slightly reduced when the other domains have SPDY enabled themselves. In the screenshot above you’ll notice that Pinterest has not enabled SPDY. This slightly slowed down page load.
- Currently Firefox and Chrome have disabled header compression due to a security issue. They will re-enable them once they solve this issue.
- Apache Web Server must run thread-safe code. For sites using PHP this means they can only safely use Fast CGI instead of mod_php. Fast CGI tends to use more memory than mod_php.
Enabling SPDY on your site is a great move to improve the overall speed of your site. A faster site will lead to more satisfied customers. With more satisfied customers and a faster site you will see your site improve in search engines and thus help you build your business.
Thank you and keep building your brand.