Response Compression

Response compression settings for reducing HTTP response sizes using Brotli and Gzip algorithms.

Overview

json

{
  "ResponseCompression": {
    "Enabled": false,
    "EnableForHttps": false,
    "UseBrotli": true,
    "UseGzipFallback": true,
    "CompressionLevel": "Optimal",
    "IncludeMimeTypes": [
      "text/plain",
      "text/css",
      "application/javascript",
      "text/html",
      "application/xml",
      "text/xml",
      "application/json",
      "text/json",
      "image/svg+xml",
      "font/woff",
      "font/woff2",
      "application/font-woff",
      "application/font-woff2"
    ],
    "ExcludeMimeTypes": []
  }
}

Settings Reference

Setting	Type	Default	Description
`Enabled`	bool	`false`	Enable response compression for HTTP responses.
`EnableForHttps`	bool	`false`	Enable response compression for HTTPS responses.
`UseBrotli`	bool	`true`	Use Brotli compression algorithm when supported by client.
`UseGzipFallback`	bool	`true`	Use Gzip compression as fallback when Brotli is not supported.
`CompressionLevel`	string	`"Optimal"`	Compression level: `Optimal`, `Fastest`, `NoCompression`, `SmallestSize`.
`IncludeMimeTypes`	array	(see below)	MIME types to include for compression.
`ExcludeMimeTypes`	array	`[]`	MIME types to exclude from compression.

Compression Levels

Level	Description
`Optimal`	Balance between compression ratio and speed (default).
`Fastest`	Fastest compression with lower compression ratio.
`SmallestSize`	Best compression ratio but slower.
`NoCompression`	No compression applied.

Compression Algorithms

Brotli

Brotli provides better compression ratios than Gzip, especially for text content. When UseBrotli is true, the server will use Brotli compression if the client supports it (indicated by Accept-Encoding: br header).

Gzip Fallback

When UseGzipFallback is true, the server falls back to Gzip compression for clients that don't support Brotli but do support Gzip (indicated by Accept-Encoding: gzip header).

HTTPS Compression

Security Consideration

Enabling compression for HTTPS responses (EnableForHttps: true) may expose your application to BREACH-style attacks. Only enable if you understand the security implications and have appropriate mitigations in place.

Default MIME Types

The default IncludeMimeTypes covers common compressible content:

Category	MIME Types
Text	`text/plain`, `text/css`, `text/html`
JavaScript	`application/javascript`
XML	`application/xml`, `text/xml`
JSON	`application/json`, `text/json`
SVG	`image/svg+xml`
Fonts	`font/woff`, `font/woff2`, `application/font-woff`, `application/font-woff2`

Example Configuration

Enable compression for production:

json

{
  "ResponseCompression": {
    "Enabled": true,
    "EnableForHttps": true,
    "UseBrotli": true,
    "UseGzipFallback": true,
    "CompressionLevel": "Optimal"
  }
}

High-compression configuration for bandwidth-constrained environments:

json

{
  "ResponseCompression": {
    "Enabled": true,
    "EnableForHttps": true,
    "UseBrotli": true,
    "UseGzipFallback": true,
    "CompressionLevel": "SmallestSize"
  }
}

Comment Annotations Guide - How annotations work
Configuration Guide - How configuration works

Next Steps

Server & SSL - Configure HTTPS and Kestrel web server
Logging - Configure logging outputs

Response Compression ​

Overview ​

Settings Reference ​

Compression Levels ​

Compression Algorithms ​

Brotli ​

Gzip Fallback ​

HTTPS Compression ​

Default MIME Types ​

Example Configuration ​

Related ​

Next Steps ​

Response Compression

Overview

Settings Reference

Compression Levels

Compression Algorithms

Brotli

Gzip Fallback

HTTPS Compression

Default MIME Types

Example Configuration

Related

Next Steps