This commit is contained in:
housseindjirdeh 2020-05-06 15:32:31 -04:00
Родитель e271fea034
Коммит fcd8588865
2 изменённых файлов: 1 добавлений и 149 удалений

Просмотреть файл

@ -11,8 +11,7 @@ This is the source of the official [Chrome Multi-Device documentation](https://d
2. Open [http://localhost:8000/_preview.html](http://localhost:8000/_preview.html)
3. You will see the boilerplate with the index.html file already included
4. To preview another document, add a url paramater with the filename
* Something like: [http://localhost:8000/_preview.html?data-compression-for-isps.html](http://localhost:8000/_preview.html?data-compression-for-isps.html)
* Or: [http://localhost:8888/_preview.html?webview/gettingstarted.html](http://localhost:8888/_preview.html?webview/gettingstarted.html)
* Something like: [http://localhost:8000/_preview.html?webview/gettingstarted.html](http://localhost:8000/_preview.html?webview/gettingstarted.html)
* Things mostly work but is not exactly the same as viewing through DCC.
### Deployment

Просмотреть файл

@ -1,147 +0,0 @@
{{+bindTo:partials.standard_multidevice_article}}
<h1>Chrome Data Compression Proxy for Network Administrators, Carriers, and ISPs</h1>
<p>
This document provides technical background for network administrators on
the Chrome Data Compression Proxy for Android (henceforth referred
to as DCP). It also describes mechanisms that the DCP provides to allow
network administrators to restrict access to the proxy for specific
users and URLs.
</p>
<section class="collapsible">
<h2 id="proxy-connection">Proxy Connection</h2>
<p>
Enabling the
<a href="https://support.google.com/chrome/answer/2392284?co=GENIE.Platform%3DAndroid&hl=en">Data Saver</a>
feature in Chrome establishes a connection between the browser and Google's
servers to proxy HTTP requests. Pages loaded in
Incognito tabs are never proxied or optimized. In the vast majority of cases,
HTTPS traffic is not affected by Data Saver. On extremely slow page loads, Chrome
will redirect to a Google-hosted domain which serves a transcoded version of the
page to save data and load faster. This is only used on very slow page loads, or
when the page might fail to load at all.
</p>
<p>
When possible, the proxy connection is encrypted using SSL. In certain cases, as described
below, the proxy connection may use unencrypted HTTP/1.1.
</p>
<p>
Google's proxy servers perform various optimizations on the Web page
content, with the goal of reducing bandwidth usage and improving performance. The DCP
transcodes images to the WebP format, reduces image quality, compresses and minifies
Javascript and CSS resources, and applies gzip and other transport-level
compression.
</p>
<p>
Requests made by the DCP on behalf of users will carry the header
<code>Via: 1.1 Chrome-Compression-Proxy</code>. The DCP also acts as an
HTTP-compliant proxy cache. It respects <code>Cache-Control</code> directives,
including <code>Cache-Control: no-transform</code> which informs the DCP not to
transcode a given resource.
</p>
</section>
<section class="collapsible">
<h2 id="client-ip">Identifying the Client IP Address</h2>
<p>
Because requests to destination websites are sent from Google's
servers, the IP address of the client making the connection will reflect
the location of Google's servers, not the user. The DCP sends the IP
address of the client in the <code>X-Forwarded-For</code> header with each
request, for example: <code>X-Forwarded-For: 74.125.239.111</code>
</p>
<p>
Websites should use the <code>X-Forwarded-For</code> header to determine the IP
address of the client for the purpose of IP geolocation.
</p>
</section>
<section class="collapsible">
<h2 id="disabling-encryption">Disabling Encryption</h2>
<p>
By default, the connection between the browser and the proxy is over
an encrypted channel. A network administrator can restrict the use
of encryption for a specific user by blocking access to a canary URL
(<code>http://check.googlezip.net/connect</code>) and returning a response
other than a status code 200 with a response body of <code>OK</code>.
As described below, Chrome issues an in-the-clear request to this URL
prior to connecting to the DCP. The canary URL is only used for this
purpose and does not serve any other content.
</p>
<p>
Because downgrading to HTTP does not allow the DCP to use HTTP/2 and other
protocol-level enhancements, this will incur a performance penalty for
the user.
</p>
<p>
It is preferable to send an immediate response for the canary URL, rather
than inducing a DNS or connection timeout, which will not disable use
of the DCP.
</p>
<h3 id="details">Details</h3>
<p>
When Chrome starts with the DCP setting enabled, the DCP is
enabled by the user, or a network interface change occurs, Chrome
asynchronously issues an in-the-clear HTTP request to the canary URL,
<code>http://check.googlezip.net/connect</code>.
</p>
<p>
There are three possible outcomes of the canary URL request:
</p>
<ul>
<li>If the response status code is 200 and the response body is <code>OK</code>,
Chrome uses an encrypted proxy connection for subsequent HTTP requests.</li>
<li>If the response status code is anything other than 200 or the response
body is anything other than <code>OK</code>, Chrome uses an unencrypted proxy
connection.</li>
<li>If the canary URL request times out or a DNS error occurs, Chrome
uses an encrypted proxy connection.</li>
</ul>
</section>
<section class="collapsible">
<h2 id="proxy-bypass">Proxy Bypass</h2>
<p>
The Chrome DCP issues a proxy bypass response for URLs matching a list
of restricted URLs maintained by Google. A proxy bypass causes Chrome to
disable the use of SSL for the DCP connection for a short time (randomly
chosen between 1 and 5 minutes). Carriers or network administrators can
then block or take appropriate action on the request.
</p>
<p>
Proxy Bypass is used mainly for:
</p>
<ul>
<li>Child sexual abuse material, which includes NCMEC, IWF and other lists
used globally by Google for restricting access to such illegal material</li>
<li>URLs subject to court-ordered DMCA and other takedowns on Google services</li>
<li>Country-specific takedown lists, which are applied only to users with IP
addresses originating in the associated country</li>
<li>A small number of other sites known not to work well with the DCP (e.g.,
known carrier billing portal and intranet sites)</li>
</ul>
</section>
{{/partials.standard_multidevice_article}}