Use Different HTTP Protocols per Browser in Apache

Question

I am trying to use http/2 for everything except Safari because of some strange behavior we are seeing when using http/2 with any version of Safari we have handy. I cannot figure out how to set up Apache to allow it, however. Can anyone shed some light on why the following doesn't work?

BrowserMatchNoCase Safari NOHTTP2
# Chrome includes both Safari and Mozilla in its User Agent
BrowserMatchNoCase Chrome !NOHTTP2

<IfDefine NOHTTP2>
    Protocols http/1.1
</IfDefine>
<IfDefine !NOHTTP2>
    Protocols h2 h2c http/1.1
</IfDefine>

That is currently in /etc/apache2/mods-enabled/http2.conf. I have no experience with IfDefine or BrowserMatch, so I'm not sure if I am doing this correctly (given that it isn't working, it would seem I am not). Every browser I test it on still has http/2 enabled with the above config as well as any others I have tested.

I have also tried SetEnvIfNoCase User-Agent instead of BrowserMatch, and various options other than IfDefine such as If and Directory, but all of these throw "Protocols not allowed here" errors when running the configtest.

I am running Apache 2.4.25 on Debian 9.6.

Answer 1

I suspect you can't do what you want because by the time you've worked out what browser the client is using you've already negotiated the protocol and received a request; the User-Agent is submitted as a request header.

Your first <IfDefine> block would only work if you ran the httpd binary passing -DNOHTTP2 as an extra argument and that would restrict the protocol to HTTP/1.1 for all clients. Because the define is unset it's defaulting to the second block which is enabling all of the protocols. See https://httpd.apache.org/docs/2.4/mod/core.html#ifdefine