Early-Data header

{{SeeCompatTable}}

The HTTP Early-Data {{Glossary("request header")}} is set by an intermediary to indicate that the request has been conveyed in TLS early data, and also indicates that the intermediary understands the {{HTTPStatus("425", "425 Too Early")}} status code.

If a client has interacted with a server recently, early data (also known as zero round-trip time (0-RTT) data) allows the client to send data to a server in the first round trip of a connection, without waiting for the TLS handshake to complete. This reduces latency for repeat connections between a client and server, but has security implications, as early data is susceptible to replay attacks.

The Early-Data header is not set by the originator of the request (i.e., a browser).

Syntax

Early-Data: 1

Examples

A GET request with an Early-Data header

A client that wants to use early data can send HTTP requests immediately after sending the TLS ClientHello. Sending a request in early data implies that the client is willing to retry a request in response to a {{HTTPStatus("425", "425 Too Early")}} status code, so the Early-Data header is not included:

GET /resource HTTP/1.1
Host: example.com

An intermediary that forwards a request prior to the completion of the TLS handshake with its client sends it with the Early-Data header set to 1:

GET /resource HTTP/1.1
Host: example.com
Early-Data: 1

Specifications

{{Specifications}}

Browser compatibility

{{Compat}}

See also

• {{HTTPStatus("425", "425 Too Early")}}
• Replay Attacks on 0-RTT