18 files changed, 615 insertions, 443 deletions
diff --git a/go.mod b/go.mod
index 0cbbfc70..036ed2f9 100755
--- a/go.mod
+++ b/go.mod
@@ -15,9 +15,11 @@ require (
 	github.com/spiral/goridge/v2 v2.4.6
 	github.com/stretchr/testify v1.6.1
 	github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a
+	github.com/yookoala/gofast v0.4.0
 	go.uber.org/multierr v1.6.0
 	go.uber.org/zap v1.16.0
-	golang.org/x/net v0.0.0-20200222125558-5a598a2470a0
-	golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e
-	golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1
+	golang.org/x/net v0.0.0-20201021035429-f5854403a974
+	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9
+	golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f
+	golang.org/x/tools v0.0.0-20201119174615-0557df368a99 // indirect
 )
diff --git a/go.sum b/go.sum
index 0e6bfdfe..3cc1800f 100755
--- a/go.sum
+++ b/go.sum
@@ -300,7 +300,9 @@ github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a h1:0R4NLDRDZX6Jc
 github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
+github.com/yookoala/gofast v0.4.0 h1:dLBjghcsbbZNOEHN8N1X/gh9S6srmJed4WQfG7DlKwo=
 github.com/yookoala/gofast v0.4.0/go.mod h1:rfbkoKaQG1bnuTUZcmV3vAlnfpF4FTq8WbQJf2vcpg8=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
@@ -322,6 +324,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5 h1:58fnuSXlxZmFdJyvtTFVmVhcMLU6v5fEb/ok4wyqtNU=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -341,6 +345,7 @@ golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
 golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
 golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -360,6 +365,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwL
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200222125558-5a598a2470a0 h1:MsuvTghUPjX762sGLnGsxC3HM0B5r83wEtYcYR8/vRs=
 golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/oauth2 v0.0.0-20170207211851-4464e7848382/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -374,6 +381,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEha
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -395,10 +404,14 @@ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepx
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1 h1:ogLJMz+qpzav7lGMh10LMvAkM/fAoGlaiiHYiFYdm80=
 golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f h1:+Nyd8tzPX9R7BWHguqsrbFdRx3WQ/1ib8I44HXV5yTA=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -422,9 +435,14 @@ golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc h1:NCy3Ohtk6Iny5V/reW2Ktypo4zIpWBdRJ1uFMjBxdg8=
 golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20201119174615-0557df368a99 h1:n5vf2xiiTUJDdUAV0Jz8zchHkBWp2NURAlIjghNNx+c=
+golang.org/x/tools v0.0.0-20201119174615-0557df368a99/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.0.0-20170206182103-3d017632ea10/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
 google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
diff --git a/plugins/http/plugin.go b/plugins/http/plugin.go
index aae42891..38539d52 100644
--- a/plugins/http/plugin.go
+++ b/plugins/http/plugin.go
@@ -251,15 +251,12 @@ func (s *Plugin) Stop() error {
 
 // ServeHTTP handles connection using set of middleware and pool PSR-7 server.
 func (s *Plugin) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if s.https != nil && r.TLS == nil && s.cfg.SSL.Redirect {
-		target := &url.URL{
-			Scheme:   "https",
-			Host:     s.tlsAddr(r.Host, false),
-			Path:     r.URL.Path,
-			RawQuery: r.URL.RawQuery,
-		}
+	if headerContainsUpgrade(r, s) {
+		http.Error(w, "server does not support upgrade header", http.StatusInternalServerError)
+		return
+	}
 
-		http.Redirect(w, r, target.String(), http.StatusTemporaryRedirect)
+	if s.redirect(w, r) {
 		return
 	}
 
@@ -277,6 +274,30 @@ func (s *Plugin) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	f(w, r)
 }
 
+func (s *Plugin) redirect(w http.ResponseWriter, r *http.Request) bool {
+	if s.https != nil && r.TLS == nil && s.cfg.SSL.Redirect {
+		target := &url.URL{
+			Scheme:   "https",
+			Host:     s.tlsAddr(r.Host, false),
+			Path:     r.URL.Path,
+			RawQuery: r.URL.RawQuery,
+		}
+
+		http.Redirect(w, r, target.String(), http.StatusTemporaryRedirect)
+		return true
+	}
+	return false
+}
+
+func headerContainsUpgrade(r *http.Request, s *Plugin) bool {
+	if _, ok := r.Header["Upgrade"]; ok {
+		// https://golang.org/pkg/net/http/#Hijacker
+		s.log.Error("server does not support Upgrade header")
+		return true
+	}
+	return false
+}
+
 // append RootCA to the https server TLS config
 func (s *Plugin) appendRootCa() error {
 	const op = errors.Op("append root CA")
diff --git a/plugins/http/tests/configs/.rr-fcgi-reqUri.yaml b/plugins/http/tests/configs/.rr-fcgi-reqUri.yaml
new file mode 100644
index 00000000..c42ff6a3
--- /dev/null
+++ b/plugins/http/tests/configs/.rr-fcgi-reqUri.yaml
@@ -0,0 +1,35 @@
+server:
+  command: "php ../../../tests/http/client.php request-uri pipes"
+  user: ""
+  group: ""
+  env:
+    "RR_HTTP": "true"
+  relay: "pipes"
+  relayTimeout: "20s"
+
+http:
+  debug: true
+  address: :8082
+  maxRequestSize: 1024
+  middleware: [ "" ]
+  uploads:
+    forbid: [ ".php", ".exe", ".bat" ]
+  trustedSubnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ]
+  pool:
+    numWorkers: 1
+    maxJobs: 0
+    allocateTimeout: 60s
+    destroyTimeout: 60s
+
+  ssl:
+    port: 8890
+    redirect: false
+    cert: fixtures/server.crt
+    key: fixtures/server.key
+  #    rootCa: root.crt
+  fcgi:
+    address: tcp://0.0.0.0:6921
+  http2:
+    enabled: false
+    h2c: false
+    maxConcurrentStreams: 128
+\ No newline at end of file
diff --git a/plugins/http/tests/configs/.rr-fcgi.yaml b/plugins/http/tests/configs/.rr-fcgi.yaml
index cdfdd969..0cbd6d02 100644
--- a/plugins/http/tests/configs/.rr-fcgi.yaml
+++ b/plugins/http/tests/configs/.rr-fcgi.yaml
@@ -9,7 +9,7 @@ server:
 
 http:
   debug: true
-  address: :8080
+  address: :8081
   maxRequestSize: 1024
   middleware: [ "" ]
   uploads:
@@ -22,7 +22,7 @@ http:
     destroyTimeout: 60s
 
   ssl:
-    port: 8888
+    port: 8889
     redirect: false
     cert: fixtures/server.crt
     key: fixtures/server.key
diff --git a/plugins/http/tests/configs/.rr-h2c.yaml b/plugins/http/tests/configs/.rr-h2c.yaml
index cdfdd969..316daea9 100644
--- a/plugins/http/tests/configs/.rr-h2c.yaml
+++ b/plugins/http/tests/configs/.rr-h2c.yaml
@@ -9,7 +9,7 @@ server:
 
 http:
   debug: true
-  address: :8080
+  address: :8083
   maxRequestSize: 1024
   middleware: [ "" ]
   uploads:
@@ -22,7 +22,7 @@ http:
     destroyTimeout: 60s
 
   ssl:
-    port: 8888
+    port: 8891
     redirect: false
     cert: fixtures/server.crt
     key: fixtures/server.key
@@ -30,6 +30,6 @@ http:
   fcgi:
     address: tcp://0.0.0.0:6920
   http2:
-    enabled: false
-    h2c: false
+    enabled: true
+    h2c: true
     maxConcurrentStreams: 128
 \ No newline at end of file
diff --git a/plugins/http/tests/configs/.rr-http.yaml b/plugins/http/tests/configs/.rr-http.yaml
index a566c794..caf7dfe3 100644
--- a/plugins/http/tests/configs/.rr-http.yaml
+++ b/plugins/http/tests/configs/.rr-http.yaml
@@ -9,7 +9,7 @@ server:
 
 http:
   debug: true
-  address: 127.0.0.1:8080
+  address: 127.0.0.1:8084
   maxRequestSize: 200
   middleware: [ "" ]
   uploads:
@@ -22,13 +22,13 @@ http:
     destroyTimeout: 60s
 
   ssl:
-    port: 8888
+    port: 8892
     redirect: true
     cert: fixtures/server.crt
     key: fixtures/server.key
   #    rootCa: root.crt
   fcgi:
-    address: tcp://0.0.0.0:6920
+    address: tcp://0.0.0.0:6921
   http2:
     enabled: false
     h2c: false
diff --git a/plugins/http/tests/configs/.rr-ssl-push.yaml b/plugins/http/tests/configs/.rr-ssl-push.yaml
new file mode 100644
index 00000000..90a99192
--- /dev/null
+++ b/plugins/http/tests/configs/.rr-ssl-push.yaml
@@ -0,0 +1,35 @@
+server:
+  command: "php ../../../tests/http/client.php push pipes"
+  user: ""
+  group: ""
+  env:
+    "RR_HTTP": "true"
+  relay: "pipes"
+  relayTimeout: "20s"
+
+http:
+  debug: true
+  address: :8086
+  maxRequestSize: 1024
+  middleware: [ "" ]
+  uploads:
+    forbid: [ ".php", ".exe", ".bat" ]
+  trustedSubnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ]
+  pool:
+    numWorkers: 1
+    maxJobs: 0
+    allocateTimeout: 60s
+    destroyTimeout: 60s
+
+  ssl:
+    port: 8894
+    redirect: true
+    cert: fixtures/server.crt
+    key: fixtures/server.key
+  #    rootCa: root.crt
+  fcgi:
+    address: tcp://0.0.0.0:6920
+  http2:
+    enabled: false
+    h2c: false
+    maxConcurrentStreams: 128
+\ No newline at end of file
diff --git a/plugins/http/tests/configs/.rr-ssl-redirect.yaml b/plugins/http/tests/configs/.rr-ssl-redirect.yaml
new file mode 100644
index 00000000..1878ba53
--- /dev/null
+++ b/plugins/http/tests/configs/.rr-ssl-redirect.yaml
@@ -0,0 +1,35 @@
+server:
+  command: "php ../../../tests/http/client.php echo pipes"
+  user: ""
+  group: ""
+  env:
+    "RR_HTTP": "true"
+  relay: "pipes"
+  relayTimeout: "20s"
+
+http:
+  debug: true
+  address: :8087
+  maxRequestSize: 1024
+  middleware: [ "" ]
+  uploads:
+    forbid: [ ".php", ".exe", ".bat" ]
+  trustedSubnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ]
+  pool:
+    numWorkers: 1
+    maxJobs: 0
+    allocateTimeout: 60s
+    destroyTimeout: 60s
+
+  ssl:
+    port: 8895
+    redirect: true
+    cert: fixtures/server.crt
+    key: fixtures/server.key
+  #    rootCa: root.crt
+  fcgi:
+    address: tcp://0.0.0.0:6920
+  http2:
+    enabled: false
+    h2c: false
+    maxConcurrentStreams: 128
+\ No newline at end of file
diff --git a/plugins/http/tests/configs/.rr-ssl.yaml b/plugins/http/tests/configs/.rr-ssl.yaml
index cdfdd969..127c1678 100644
--- a/plugins/http/tests/configs/.rr-ssl.yaml
+++ b/plugins/http/tests/configs/.rr-ssl.yaml
@@ -9,7 +9,7 @@ server:
 
 http:
   debug: true
-  address: :8080
+  address: :8085
   maxRequestSize: 1024
   middleware: [ "" ]
   uploads:
@@ -22,7 +22,7 @@ http:
     destroyTimeout: 60s
 
   ssl:
-    port: 8888
+    port: 8893
     redirect: false
     cert: fixtures/server.crt
     key: fixtures/server.key
diff --git a/plugins/http/tests/fcgi_test.go b/plugins/http/tests/fcgi_test.go
deleted file mode 100644
index 0a0b2b41..00000000
--- a/plugins/http/tests/fcgi_test.go
+++ /dev/null
@@ -1,104 +0,0 @@
-package tests
-
-//
-//import (
-//	"io/ioutil"
-//	"net/http/fcgi"
-//	"net/http/httptest"
-//	"testing"
-//	"time"
-//
-//	"github.com/stretchr/testify/assert"
-//)
-//
-//func Test_FCGI_Service_Echo(t *testing.T) {
-//	logger, _ := test.NewNullLogger()
-//	logger.SetLevel(logrus.DebugLevel)
-//
-//	c := service.NewContainer(logger)
-//	c.Register(ID, &Service{})
-//
-//	assert.NoError(t, c.Init(&testCfg{httpCfg: `{
-//			"fcgi": {
-//				"address": "tcp://0.0.0.0:6082"
-//			},
-//			"workers":{
-//				"command": "php ../../tests/http/client.php echo pipes",
-//				"pool": {"numWorkers": 1}
-//			}
-//	}`}))
-//
-//	s, st := c.Get(ID)
-//	assert.NotNil(t, s)
-//	assert.Equal(t, service.StatusOK, st)
-//
-//	// should do nothing
-//	s.(*Service).Stop()
-//
-//	go func() { assert.NoError(t, c.Serve()) }()
-//	time.Sleep(time.Second * 1)
-//
-//	fcgiConnFactory := gofast.SimpleConnFactory("tcp", "0.0.0.0:6082")
-//
-//	fcgiHandler := gofast.NewHandler(
-//		gofast.BasicParamsMap(gofast.BasicSession),
-//		gofast.SimpleClientFactory(fcgiConnFactory, 0),
-//	)
-//
-//	w := httptest.NewRecorder()
-//	req := httptest.NewRequest("GET", "http://site.local/?hello=world", nil)
-//	fcgiHandler.ServeHTTP(w, req)
-//
-//	body, err := ioutil.ReadAll(w.Result().Body)
-//
-//	assert.NoError(t, err)
-//	assert.Equal(t, 201, w.Result().StatusCode)
-//	assert.Equal(t, "WORLD", string(body))
-//	c.Stop()
-//}
-//
-//func Test_FCGI_Service_Request_Uri(t *testing.T) {
-//	logger, _ := test.NewNullLogger()
-//	logger.SetLevel(logrus.DebugLevel)
-//
-//	c := service.NewContainer(logger)
-//	c.Register(ID, &Service{})
-//
-//	assert.NoError(t, c.Init(&testCfg{httpCfg: `{
-//			"fcgi": {
-//				"address": "tcp://0.0.0.0:6083"
-//			},
-//			"workers":{
-//				"command": "php ../../tests/http/client.php request-uri pipes",
-//				"pool": {"numWorkers": 1}
-//			}
-//	}`}))
-//
-//	s, st := c.Get(ID)
-//	assert.NotNil(t, s)
-//	assert.Equal(t, service.StatusOK, st)
-//
-//	// should do nothing
-//	s.(*Service).Stop()
-//
-//	go func() { assert.NoError(t, c.Serve()) }()
-//	time.Sleep(time.Second * 1)
-//
-//	fcgiConnFactory := gofast.SimpleConnFactory("tcp", "0.0.0.0:6083")
-//
-//	fcgiHandler := gofast.NewHandler(
-//		gofast.BasicParamsMap(gofast.BasicSession),
-//		gofast.SimpleClientFactory(fcgiConnFactory, 0),
-//	)
-//
-//	w := httptest.NewRecorder()
-//	req := httptest.NewRequest("GET", "http://site.local/hello-world", nil)
-//	fcgiHandler.ServeHTTP(w, req)
-//
-//	body, err := ioutil.ReadAll(w.Result().Body)
-//
-//	assert.NoError(t, err)
-//	assert.Equal(t, 200, w.Result().StatusCode)
-//	assert.Equal(t, "http://site.local/hello-world", string(body))
-//	c.Stop()
-//}
diff --git a/plugins/http/tests/h2c_test.go b/plugins/http/tests/h2c_test.go
deleted file mode 100644
index c85ce942..00000000
--- a/plugins/http/tests/h2c_test.go
+++ /dev/null
@@ -1,81 +0,0 @@
-package tests
-
-//
-//import (
-//	"net/http"
-//	"testing"
-//	"time"
-//
-//	"github.com/cenkalti/backoff/v4"
-//	"github.com/stretchr/testify/assert"
-//)
-//
-//func Test_Service_H2C(t *testing.T) {
-//	bkoff := backoff.NewExponentialBackOff()
-//	bkoff.MaxElapsedTime = time.Second * 15
-//
-//	err := backoff.Retry(func() error {
-//		logger, _ := test.NewNullLogger()
-//		logger.SetLevel(logrus.DebugLevel)
-//
-//		c := service.NewContainer(logger)
-//		c.Register(ID, &Service{})
-//
-//		err := c.Init(&testCfg{httpCfg: `{
-//			"address": ":6029",
-//			"http2": {"h2c":true},
-//			"workers":{
-//				"command": "php ../../tests/http/client.php echo pipes",
-//				"relay": "pipes",
-//				"pool": {
-//					"numWorkers": 1
-//				}
-//			}
-//	}`})
-//		if err != nil {
-//			return err
-//		}
-//
-//		s, st := c.Get(ID)
-//		assert.NotNil(t, s)
-//		assert.Equal(t, service.StatusOK, st)
-//
-//		// should do nothing
-//		s.(*Service).Stop()
-//
-//		go func() {
-//			err := c.Serve()
-//			if err != nil {
-//				t.Errorf("error serving: %v", err)
-//			}
-//		}()
-//		time.Sleep(time.Millisecond * 100)
-//		defer c.Stop()
-//
-//		req, err := http.NewRequest("PRI", "http://localhost:6029?hello=world", nil)
-//		if err != nil {
-//			return err
-//		}
-//
-//		req.Header.Add("Upgrade", "h2c")
-//		req.Header.Add("Connection", "HTTP2-Settings")
-//		req.Header.Add("HTTP2-Settings", "")
-//
-//		r, err2 := http.DefaultClient.Do(req)
-//		if err2 != nil {
-//			return err2
-//		}
-//
-//		assert.Equal(t, "101 Switching Protocols", r.Status)
-//
-//		err3 := r.Body.Close()
-//		if err3 != nil {
-//			return err3
-//		}
-//		return nil
-//	}, bkoff)
-//
-//	if err != nil {
-//		t.Fatal(err)
-//	}
-//}
diff --git a/plugins/http/tests/http_test.go b/plugins/http/tests/http_test.go
index 4f43ca1e..47ad0e51 100644
--- a/plugins/http/tests/http_test.go
+++ b/plugins/http/tests/http_test.go
@@ -4,11 +4,11 @@ import (
 	"bytes"
 	"crypto/tls"
 	"io/ioutil"
-	"net"
 	"net/http"
 	"net/http/httptest"
 	"os"
 	"os/signal"
+	"sync"
 	"syscall"
 	"testing"
 	"time"
@@ -17,6 +17,7 @@ import (
 	"github.com/spiral/roadrunner/v2/plugins/config"
 	httpPlugin "github.com/spiral/roadrunner/v2/plugins/http"
 	"github.com/spiral/roadrunner/v2/plugins/logger"
+	"github.com/yookoala/gofast"
 
 	rpcPlugin "github.com/spiral/roadrunner/v2/plugins/rpc"
 	"github.com/spiral/roadrunner/v2/plugins/server"
@@ -60,30 +61,37 @@ func TestHTTPInit(t *testing.T) {
 	sig := make(chan os.Signal, 1)
 	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
 
-	tt := time.NewTimer(time.Second * 1000)
-	for {
-		select {
-		case e := <-ch:
-			assert.Fail(t, "error", e.Error.Error())
-			err = cont.Stop()
-			if err != nil {
-				assert.FailNow(t, "error", err.Error())
-			}
-		case <-sig:
-			err = cont.Stop()
-			if err != nil {
-				assert.FailNow(t, "error", err.Error())
-			}
-			return
-		case <-tt.C:
-			// timeout
-			err = cont.Stop()
-			if err != nil {
-				assert.FailNow(t, "error", err.Error())
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	go func() {
+		tt := time.NewTimer(time.Second * 2)
+		defer wg.Done()
+		for {
+			select {
+			case e := <-ch:
+				assert.Fail(t, "error", e.Error.Error())
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+			case <-sig:
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			case <-tt.C:
+				// timeout
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
 			}
-			return
 		}
-	}
+	}()
+
+	wg.Wait()
 }
 
 func TestSSL(t *testing.T) {
@@ -115,8 +123,11 @@ func TestSSL(t *testing.T) {
 	sig := make(chan os.Signal, 1)
 	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
 
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
 	go func() {
-		tt := time.NewTimer(time.Second * 1000)
+		tt := time.NewTimer(time.Second * 5)
+		defer wg.Done()
 		for {
 			select {
 			case e := <-ch:
@@ -143,10 +154,35 @@ func TestSSL(t *testing.T) {
 	}()
 
 	t.Run("SSLEcho", sslEcho)
+	t.Run("SSLNoRedirect", sslNoRedirect)
+	t.Run("fCGIecho", fcgiEcho)
+	wg.Wait()
+}
+
+func sslNoRedirect(t *testing.T) {
+	req, err := http.NewRequest("GET", "http://localhost:8085?hello=world", nil)
+	assert.NoError(t, err)
+
+	r, err := sslClient.Do(req)
+	assert.NoError(t, err)
+
+	assert.Nil(t, r.TLS)
+
+	b, err := ioutil.ReadAll(r.Body)
+	assert.NoError(t, err)
+
+	assert.NoError(t, err)
+	assert.Equal(t, 201, r.StatusCode)
+	assert.Equal(t, "WORLD", string(b))
+
+	err2 := r.Body.Close()
+	if err2 != nil {
+		t.Errorf("fail to close the Body: error %v", err2)
+	}
 }
 
 func sslEcho(t *testing.T) {
-	req, err := http.NewRequest("GET", "https://localhost:8888?hello=world", nil)
+	req, err := http.NewRequest("GET", "https://localhost:8893?hello=world", nil)
 	assert.NoError(t, err)
 
 	r, err := sslClient.Do(req)
@@ -165,12 +201,31 @@ func sslEcho(t *testing.T) {
 	}
 }
 
-func TestFastCGI(t *testing.T) {
+func fcgiEcho(t *testing.T) {
+	fcgiConnFactory := gofast.SimpleConnFactory("tcp", "0.0.0.0:6920")
+
+	fcgiHandler := gofast.NewHandler(
+		gofast.BasicParamsMap(gofast.BasicSession),
+		gofast.SimpleClientFactory(fcgiConnFactory, 0),
+	)
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "http://site.local/?hello=world", nil)
+	fcgiHandler.ServeHTTP(w, req)
+
+	body, err := ioutil.ReadAll(w.Result().Body)
+
+	assert.NoError(t, err)
+	assert.Equal(t, 201, w.Result().StatusCode)
+	assert.Equal(t, "WORLD", string(body))
+}
+
+func TestSSLRedirect(t *testing.T) {
 	cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.DebugLevel), endure.Visualize(endure.StdOut, ""))
 	assert.NoError(t, err)
 
 	cfg := &config.Viper{
-		Path:   "configs/.rr-fcgi.yaml",
+		Path:   "configs/.rr-ssl-redirect.yaml",
 		Prefix: "rr",
 	}
 
@@ -194,8 +249,11 @@ func TestFastCGI(t *testing.T) {
 	sig := make(chan os.Signal, 1)
 	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
 
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
 	go func() {
-		tt := time.NewTimer(time.Second * 1000)
+		tt := time.NewTimer(time.Second * 5)
+		defer wg.Done()
 		for {
 			select {
 			case e := <-ch:
@@ -221,40 +279,371 @@ func TestFastCGI(t *testing.T) {
 		}
 	}()
 
-	t.Run("FastCGIEcho", fcgiEcho)
+	t.Run("SSLRedirect", sslRedirect)
+	wg.Wait()
 }
 
-func fcgiEcho(t *testing.T) {
-	conn, err := net.Dial("tcp", "0.0.0.0:6920")
+func sslRedirect(t *testing.T) {
+	req, err := http.NewRequest("GET", "http://localhost:8087?hello=world", nil)
+	assert.NoError(t, err)
+
+	r, err := sslClient.Do(req)
+	assert.NoError(t, err)
+	assert.NotNil(t, r.TLS)
+
+	b, err := ioutil.ReadAll(r.Body)
+	assert.NoError(t, err)
+
+	assert.NoError(t, err)
+	assert.Equal(t, 201, r.StatusCode)
+	assert.Equal(t, "WORLD", string(b))
+
+	err2 := r.Body.Close()
+	if err2 != nil {
+		t.Errorf("fail to close the Body: error %v", err2)
+	}
+}
+
+func TestSSLPushPipes(t *testing.T) {
+	time.Sleep(time.Second)
+	cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.DebugLevel), endure.Visualize(endure.StdOut, ""))
+	assert.NoError(t, err)
+
+	cfg := &config.Viper{
+		Path:   "configs/.rr-ssl-push.yaml",
+		Prefix: "rr",
+	}
+
+	err = cont.RegisterAll(
+		cfg,
+		&rpcPlugin.Plugin{},
+		&logger.ZapLogger{},
+		&server.Plugin{},
+		&httpPlugin.Plugin{},
+	)
+	assert.NoError(t, err)
+
+	err = cont.Init()
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	_, err = conn.Write([]byte("data"))
+	ch, err := cont.Serve()
+	assert.NoError(t, err)
+
+	sig := make(chan os.Signal, 1)
+	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
+
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	go func() {
+		tt := time.NewTimer(time.Second * 5)
+		defer wg.Done()
+		for {
+			select {
+			case e := <-ch:
+				assert.Fail(t, "error", e.Error.Error())
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+			case <-sig:
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			case <-tt.C:
+				// timeout
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			}
+		}
+	}()
+
+	t.Run("SSLPush", sslPush)
+	wg.Wait()
+}
+
+func sslPush(t *testing.T) {
+	req, err := http.NewRequest("GET", "https://localhost:8894?hello=world", nil)
+	assert.NoError(t, err)
+
+	r, err := sslClient.Do(req)
+	assert.NoError(t, err)
+
+	assert.NotNil(t, r.TLS)
+
+	b, err := ioutil.ReadAll(r.Body)
+	assert.NoError(t, err)
+
+	assert.Equal(t, "", r.Header.Get("Http2-Push"))
+
+	assert.NoError(t, err)
+	assert.Equal(t, 201, r.StatusCode)
+	assert.Equal(t, "WORLD", string(b))
+
+	err2 := r.Body.Close()
+	if err2 != nil {
+		t.Errorf("fail to close the Body: error %v", err2)
+	}
+}
+
+func TestFastCGI_RequestUri(t *testing.T) {
+	cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.DebugLevel), endure.Visualize(endure.StdOut, ""))
+	assert.NoError(t, err)
+
+	cfg := &config.Viper{
+		Path:   "configs/.rr-fcgi-reqUri.yaml",
+		Prefix: "rr",
+	}
+
+	err = cont.RegisterAll(
+		cfg,
+		&rpcPlugin.Plugin{},
+		&logger.ZapLogger{},
+		&server.Plugin{},
+		&httpPlugin.Plugin{},
+	)
+	assert.NoError(t, err)
+
+	err = cont.Init()
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	//fcgiConnFactory := gofast.SimpleConnFactory("tcp", "0.0.0.0:6920")
-	//
-	//fcgiHandler := gofast.NewHandler(
-	//	gofast.BasicParamsMap(gofast.BasicSession),
-	//	gofast.SimpleClientFactory(fcgiConnFactory, 0),
-	//)
+	ch, err := cont.Serve()
+	assert.NoError(t, err)
+
+	sig := make(chan os.Signal, 1)
+	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
+
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+	go func() {
+		tt := time.NewTimer(time.Second * 5)
+		defer wg.Done()
+		for {
+			select {
+			case e := <-ch:
+				assert.Fail(t, "error", e.Error.Error())
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+			case <-sig:
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			case <-tt.C:
+				// timeout
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			}
+		}
+	}()
+
+	t.Run("FastCGIServiceRequestUri", fcgiReqUri)
+	wg.Wait()
+}
+
+func fcgiReqUri(t *testing.T) {
+	fcgiConnFactory := gofast.SimpleConnFactory("tcp", "0.0.0.0:6921")
+
+	fcgiHandler := gofast.NewHandler(
+		gofast.BasicParamsMap(gofast.BasicSession),
+		gofast.SimpleClientFactory(fcgiConnFactory, 0),
+	)
 
 	w := httptest.NewRecorder()
-	//req := httptest.NewRequest("GET", "http://site.local/?hello=world", nil)
-	//err = fcgi.Serve(, req)
-	//if err != nil {
-	//	t.Fatal(err)
-	//}
-	//fcgiHandler.ServeHTTP(w, req)
+	req := httptest.NewRequest("GET", "http://site.local/hello-world", nil)
+	fcgiHandler.ServeHTTP(w, req)
 
 	body, err := ioutil.ReadAll(w.Result().Body)
+	assert.NoError(t, err)
+	assert.Equal(t, 200, w.Result().StatusCode)
+	assert.Equal(t, "http://site.local/hello-world", string(body))
+}
 
+func TestH2CUpgrade(t *testing.T) {
+	cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.DebugLevel), endure.Visualize(endure.StdOut, ""))
 	assert.NoError(t, err)
-	assert.Equal(t, 201, w.Result().StatusCode)
-	assert.Equal(t, "WORLD", string(body))
+
+	cfg := &config.Viper{
+		Path:   "configs/.rr-h2c.yaml",
+		Prefix: "rr",
+	}
+
+	err = cont.RegisterAll(
+		cfg,
+		&rpcPlugin.Plugin{},
+		&logger.ZapLogger{},
+		&server.Plugin{},
+		&httpPlugin.Plugin{},
+	)
+	assert.NoError(t, err)
+
+	err = cont.Init()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ch, err := cont.Serve()
+	assert.NoError(t, err)
+
+	sig := make(chan os.Signal, 1)
+	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
+
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+
+	go func() {
+		tt := time.NewTimer(time.Second * 5)
+		defer wg.Done()
+		for {
+			select {
+			case e := <-ch:
+				assert.Fail(t, "error", e.Error.Error())
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+			case <-sig:
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			case <-tt.C:
+				// timeout
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			}
+		}
+	}()
+
+	t.Run("H2cUpgrade", h2cUpgrade)
+	wg.Wait()
+}
+
+func h2cUpgrade(t *testing.T) {
+	req, err := http.NewRequest("PRI", "http://localhost:8083?hello=world", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	req.Header.Add("Upgrade", "h2c")
+	req.Header.Add("Connection", "HTTP2-Settings")
+	req.Header.Add("HTTP2-Settings", "")
+
+	r, err2 := http.DefaultClient.Do(req)
+	if err2 != nil {
+		t.Fatal(err)
+	}
+
+	assert.Equal(t, "101 Switching Protocols", r.Status)
+
+	err3 := r.Body.Close()
+	if err3 != nil {
+		t.Fatal(err)
+	}
+}
+
+func TestH2C(t *testing.T) {
+	cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.DebugLevel), endure.Visualize(endure.StdOut, ""))
+	assert.NoError(t, err)
+
+	cfg := &config.Viper{
+		Path:   "configs/.rr-h2c.yaml",
+		Prefix: "rr",
+	}
+
+	err = cont.RegisterAll(
+		cfg,
+		&rpcPlugin.Plugin{},
+		&logger.ZapLogger{},
+		&server.Plugin{},
+		&httpPlugin.Plugin{},
+	)
+	assert.NoError(t, err)
+
+	err = cont.Init()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ch, err := cont.Serve()
+	assert.NoError(t, err)
+
+	sig := make(chan os.Signal, 1)
+	signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM)
+
+	wg := &sync.WaitGroup{}
+	wg.Add(1)
+
+	go func() {
+		tt := time.NewTimer(time.Second * 5)
+		defer wg.Done()
+		for {
+			select {
+			case e := <-ch:
+				assert.Fail(t, "error", e.Error.Error())
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+			case <-sig:
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			case <-tt.C:
+				// timeout
+				err = cont.Stop()
+				if err != nil {
+					assert.FailNow(t, "error", err.Error())
+				}
+				return
+			}
+		}
+	}()
+
+	t.Run("H2c", h2c)
+	wg.Wait()
+}
+
+func h2c(t *testing.T) {
+	req, err := http.NewRequest("PRI", "http://localhost:8083?hello=world", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	req.Header.Add("Connection", "HTTP2-Settings")
+	req.Header.Add("HTTP2-Settings", "")
+
+	r, err2 := http.DefaultClient.Do(req)
+	if err2 != nil {
+		t.Fatal(err)
+	}
+
+	assert.Equal(t, "201 Created", r.Status)
+
+	err3 := r.Body.Close()
+	if err3 != nil {
+		t.Fatal(err)
+	}
 }
 
 func get(url string) (string, *http.Response, error) {
diff --git a/plugins/http/tests/plugin_test.go b/plugins/http/tests/plugin_test_old.go
index 852e5545..852e5545 100644
--- a/plugins/http/tests/plugin_test.go
+++ b/plugins/http/tests/plugin_test_old.go
diff --git a/plugins/http/tests/rpc_test.go b/plugins/http/tests/rpc_test_old.go
index 925aa082..925aa082 100644
--- a/plugins/http/tests/rpc_test.go
+++ b/plugins/http/tests/rpc_test_old.go
diff --git a/plugins/http/tests/ssl_test.go b/plugins/http/tests/ssl_test.go
deleted file mode 100644
index ee0e6e98..00000000
--- a/plugins/http/tests/ssl_test.go
+++ /dev/null
@@ -1,178 +0,0 @@
-package tests
-
-//func Test_SSL_Service_NoRedirect(t *testing.T) {
-//	logger, _ := test.NewNullLogger()
-//	logger.SetLevel(logrus.DebugLevel)
-//
-//	c := service.NewContainer(logger)
-//	c.Register(ID, &Service{})
-//
-//	assert.NoError(t, c.Init(&testCfg{httpCfg: `{
-//			"address": ":6030",
-//			"ssl": {
-//				"port": 6901,
-//				"key": "fixtures/server.key",
-//				"cert": "fixtures/server.crt"
-//			},
-//			"workers":{
-//				"command": "php ../../tests/http/client.php echo pipes",
-//				"pool": {"numWorkers": 1}
-//			}
-//	}`}))
-//
-//	s, st := c.Get(ID)
-//	assert.NotNil(t, s)
-//	assert.Equal(t, service.StatusOK, st)
-//
-//	// should do nothing
-//	s.(*Service).Stop()
-//
-//	go func() {
-//		err := c.Serve()
-//		if err != nil {
-//			t.Errorf("error during the Serve: error %v", err)
-//		}
-//	}()
-//
-//	time.Sleep(time.Millisecond * 500)
-//
-//	req, err := http.NewRequest("GET", "http://localhost:6030?hello=world", nil)
-//	assert.NoError(t, err)
-//
-//	r, err := sslClient.Do(req)
-//	assert.NoError(t, err)
-//
-//	assert.Nil(t, r.TLS)
-//
-//	b, err := ioutil.ReadAll(r.Body)
-//	assert.NoError(t, err)
-//
-//	assert.NoError(t, err)
-//	assert.Equal(t, 201, r.StatusCode)
-//	assert.Equal(t, "WORLD", string(b))
-//
-//	err2 := r.Body.Close()
-//	if err2 != nil {
-//		t.Errorf("fail to close the Body: error %v", err2)
-//	}
-//	c.Stop()
-//}
-//
-//func Test_SSL_Service_Redirect(t *testing.T) {
-//	logger, _ := test.NewNullLogger()
-//	logger.SetLevel(logrus.DebugLevel)
-//
-//	c := service.NewContainer(logger)
-//	c.Register(ID, &Service{})
-//
-//	assert.NoError(t, c.Init(&testCfg{httpCfg: `{
-//			"address": ":6831",
-//			"ssl": {
-//				"port": 6902,
-//				"redirect": true,
-//				"key": "fixtures/server.key",
-//				"cert": "fixtures/server.crt"
-//			},
-//			"workers":{
-//				"command": "php ../../tests/http/client.php echo pipes",
-//				"pool": {"numWorkers": 1}
-//			}
-//	}`}))
-//
-//	s, st := c.Get(ID)
-//	assert.NotNil(t, s)
-//	assert.Equal(t, service.StatusOK, st)
-//
-//	// should do nothing
-//	s.(*Service).Stop()
-//
-//	go func() {
-//		err := c.Serve()
-//		if err != nil {
-//			t.Errorf("error during the Serve: error %v", err)
-//		}
-//	}()
-//
-//	time.Sleep(time.Millisecond * 500)
-//
-//	req, err := http.NewRequest("GET", "http://localhost:6831?hello=world", nil)
-//	assert.NoError(t, err)
-//
-//	r, err := sslClient.Do(req)
-//	assert.NoError(t, err)
-//	assert.NotNil(t, r.TLS)
-//
-//	b, err := ioutil.ReadAll(r.Body)
-//	assert.NoError(t, err)
-//
-//	assert.NoError(t, err)
-//	assert.Equal(t, 201, r.StatusCode)
-//	assert.Equal(t, "WORLD", string(b))
-//
-//	err2 := r.Body.Close()
-//	if err2 != nil {
-//		t.Errorf("fail to close the Body: error %v", err2)
-//	}
-//	c.Stop()
-//}
-//
-//func Test_SSL_Service_Push(t *testing.T) {
-//	logger, _ := test.NewNullLogger()
-//	logger.SetLevel(logrus.DebugLevel)
-//
-//	c := service.NewContainer(logger)
-//	c.Register(ID, &Service{})
-//
-//	assert.NoError(t, c.Init(&testCfg{httpCfg: `{
-//			"address": ":6032",
-//			"ssl": {
-//				"port": 6903,
-//				"redirect": true,
-//				"key": "fixtures/server.key",
-//				"cert": "fixtures/server.crt"
-//			},
-//			"workers":{
-//				"command": "php ../../tests/http/client.php push pipes",
-//				"pool": {"numWorkers": 1}
-//			}
-//	}`}))
-//
-//	s, st := c.Get(ID)
-//	assert.NotNil(t, s)
-//	assert.Equal(t, service.StatusOK, st)
-//
-//	// should do nothing
-//	s.(*Service).Stop()
-//
-//	go func() {
-//		err := c.Serve()
-//		if err != nil {
-//			t.Errorf("error during the Serve: error %v", err)
-//		}
-//	}()
-//	time.Sleep(time.Millisecond * 500)
-//
-//	req, err := http.NewRequest("GET", "https://localhost:6903?hello=world", nil)
-//	assert.NoError(t, err)
-//
-//	r, err := sslClient.Do(req)
-//	assert.NoError(t, err)
-//
-//	assert.NotNil(t, r.TLS)
-//
-//	b, err := ioutil.ReadAll(r.Body)
-//	assert.NoError(t, err)
-//
-//	assert.Equal(t, "", r.Header.Get("Http2-Push"))
-//
-//	assert.NoError(t, err)
-//	assert.Equal(t, 201, r.StatusCode)
-//	assert.Equal(t, "WORLD", string(b))
-//
-//
-//	err2 := r.Body.Close()
-//	if err2 != nil {
-//		t.Errorf("fail to close the Body: error %v", err2)
-//	}
-//	c.Stop()
-//}
diff --git a/plugins/http/tests/uploads_test.go b/plugins/http/tests/uploads_test.go
index 770e447f..ee244c06 100644
--- a/plugins/http/tests/uploads_test.go
+++ b/plugins/http/tests/uploads_test.go
@@ -371,11 +371,11 @@ func mustOpen(f string) *os.File {
 }
 
 type fInfo struct {
-	Name  string `json:"name"`
-	Size  int64  `json:"size"`
-	Mime  string `json:"mime"`
-	Error int    `json:"error"`
-	MD5   string `json:"md5,omitempty"`
+	Name   string `json:"name"`
+	Size   int64  `json:"size"`
+	Mime   string `json:"mime"`
+	Error  int    `json:"error"`
+	Sha512 string `json:"sha512,omitempty"`
 }
 
 func fileString(f string, errNo int, mime string) string {
@@ -403,15 +403,15 @@ func fileString(f string, errNo int, mime string) string {
 	}
 
 	v := &fInfo{
-		Name:  s.Name(),
-		Size:  s.Size(),
-		Error: errNo,
-		Mime:  mime,
-		MD5:   hex.EncodeToString(h.Sum(nil)),
+		Name:   s.Name(),
+		Size:   s.Size(),
+		Error:  errNo,
+		Mime:   mime,
+		Sha512: hex.EncodeToString(h.Sum(nil)),
 	}
 
 	if errNo != 0 {
-		v.MD5 = ""
+		v.Sha512 = ""
 		v.Size = 0
 	}
 
diff --git a/tests/http/upload.php b/tests/http/upload.php
index bb4af766..57526246 100644
--- a/tests/http/upload.php
+++ b/tests/http/upload.php
@@ -24,7 +24,7 @@ function handleRequest(ServerRequestInterface $req, ResponseInterface $resp): Re
                 'size'  => $v->getSize(),
                 'mime'  => $v->getClientMediaType(),
                 'error' => $v->getError(),
-                'md5'   => md5($v->getStream()->__toString()),
+                'sha512'   => hash('sha512', $v->getStream()->__toString()),
             ];
         }
     });