When I read the gRPC-Web documentation, I was surprised to see Envoy used without any explanation:
In this example, we will use the Envoy proxy to forward the gRPC browser request to the backend server. - gRPC Basics - Web
gRPC uses HTTP2. Since modern browsers are able to communicate over HTTP2, I don't see the need to set up a proxy if I support only such browsers. Why do I need a proxy like Envoy nonetheless?
Browser Restriction
There is a hint in the documentation describing the gRPC-Web protocol:
decouple from HTTP/2 framing which is not, and will never, be directly exposed by browsers - grpc/PROTOCOL-WEB.md at master · grpc/grpc
In short:
- JavaScript running in the browser does not provide full control over HTTP2.
- The gRPC protocol uses features of HTTP/2 that cannot be controlled by JavaScript.
- So that a proxy is required.
And I think the restriction will never be removed.
Why Restricted?
Why am I so sure that browser will keep the restriction?
The reason can be explained by considering the position of HTTP2 in the public Web. HTTP/1.1 has been used on the Web for a long time. So you can expect your web servers to be able to communicate over HTTP/1.1. However, it is not clear whether they can communicate over HTTP2. Therefore, a browser uses HTTP2 if it can communicate with a web server over HTTP2, but otherwise, it will fall back to HTTP/1.1.
Also, because of the concept of layered architecture, Web application must not know whether HTTP2 or HTTP/1.1 is used under the hood. This means HTTP/1.1 and HTTP2 must be able to be handled transparently so that browser will never provide a way to control a feature only available in HTTP2 by JavaScript.
gRPC uses the such HTTP2-only feature.