1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
title: HTTP/3 / QUIC
description: The default build serves HTTP/3 over QUIC on the same port number as TCP, with automatic client negotiation.
HTTP/3 is included in the default build. No flags are needed:
```bash
cargo build
cargo run -- --tls-cert-file=cert.pem --tls-key-file=key.pem
```
HTTP/3 requires a valid TLS certificate. Without one, the QUIC listener is
silently skipped and the server continues to serve HTTP/2 and HTTP/1.1 over TLS.
The `http3` feature (which implies `http2`) starts two listeners on the same
port number:
- -
Both share the same port. Clients that support HTTP/3 connect via UDP; others
fall back to TCP transparently. `main()` runs both listeners concurrently:
```rust
tokio::join!(
);
```
HTTP/3 is built on the following crates:
- --
All parsing and protocol handling is contained in `src/h3_handler/mod.rs`.
The SNI hostname is extracted from the QUIC connection's TLS handshake data
and placed in `ConnectionInfo::sni_hostname`, exactly as it is for HTTP/2:
```rust
// src/h3_handler/mod.rs
let sni_hostname: Option<String> = conn
```
Virtual host routing via `Router::with_host()` and direct access in handlers
via `connection.sni_hostname` work the same way for HTTP/3 as for HTTP/2.
HTTP/1.1 and HTTP/2 TLS responses include:
```
Alt-Svc: h3=":7878"
```
This header tells clients — including browsers — that HTTP/3 is available on
the same port number over UDP. No client configuration is required; browsers
such as Chrome and Firefox will upgrade to HTTP/3 automatically on subsequent
requests after seeing this header.
Like HTTP/2, HTTP/3 (RFC 9114 §4.2) prohibits connection-level headers.
The same set is stripped automatically before sending H3 responses:
- -----
`h3_handler::handle_connection` mirrors the HTTP/2 handler:
1. 2.3.4.
Your `Application` implementation is called identically for HTTP/1.1, HTTP/2,
and HTTP/3.
:::note[Firewall requirements]
HTTP/3 uses UDP. Ensure your firewall or cloud security group allows UDP
traffic on the server port (default 7878) in addition to TCP.
:::