* Full-body compression is supported and expected for all unary
requests/responses. The compression/decompression will be done
by browsers, using standard Content-Encoding headers
* “grpc-encoding” header is not used
* SDCH, Brotli will be supported
* Message-level compression for streamed requests/responses is not supported
because manual compression/decompression is prohibitively expensive using JS
* Per-message compression may be feasible in future with wasm
---
Retries, caching
Retries, caching
* Will spec out the support after their respective gRPC spec extensions
* Will spec out the support after their respective gRPC spec extensions
@ -128,24 +115,6 @@ are finalized
---
---
Security
* XSRF, XSS etc to be specified
---
CORS preflight
* Should follow the [CORS spec](https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control)
* Access-Control-Allow-Credentials to allow Authorization headers
* Access-Control-Allow-Methods to allow POST and (preflight) OPTIONS only
* Access-Control-Allow-Headers to whatever the preflight request carries
* The client library may support header overwrites to avoid preflight
* https://github.com/whatwg/fetch/issues/210
* CSP support to be specified
---
Keep-alive
Keep-alive
* HTTP/2 PING is not supported or used
* HTTP/2 PING is not supported or used
@ -165,3 +134,8 @@ Versioning
* Special headers may be introduced to support features that may break compatiblity.
* Special headers may be introduced to support features that may break compatiblity.
---
Browser-specific features
* Certain features are unique to browser or HTML clients, and for those features please check the [spec doc](https://github.com/grpc/grpc-web/blob/master/PROTOCOL-WEB.md) published in the grpc/grpc-web repo.