nginx SSL gzip Question

I saw a comment on nginx site configuration that gzip should be disabled of SSL to avoid BREACH attacks.

Discussion thread seems bit old as of now. Is this issue fixed?

My site is https. Can I enable gzip on SSL now?

As per google page speed test, I am getting 47/100. What else can I do to make response faster?

I already have images served from AWS Cloudfront with compression enabled.

Also I have set up the expires header like this based on the tutorial by Digital Ocean https://www.digitalocean.com/community/questions/leverage-browser-caching-for-nginx

#Expires map
map $sent_http_content_type $expires {
        default                    off;
        text/html                  epoch;
        text/css                   max;
        application/javascript     max;
        ~image/                    max;
        image/svg+xml                   max;
        application/x-font-ttf          max;
        application/x-font-truetype     max;
        application/x-font-opentype     max;
        application/font-woff           max;
        application/font-woff2          max;
        application/vnd.ms-fontobject   max;
        application/font-sfnt           max;
}

But google page speed test still suggest to leverage browser cache (no expiry defined for images).

not sure why.

This is my first nginx setup.

Really appreciate some help.