Specifies whether TLS 1.3 0-RTT Data ("Early Data") should be
accepted for this service. Early Data allows a TLS resumption
handshake to include the initial application payload (a HTTP
request) alongside the handshake, reducing the effective round
trips to "zero". This applies to TLS 1.3 connections over TCP
(HTTP/2) as well as over UDP (QUIC/h3). This can improve
application performance, especially on networks where
interruptions may be common, such as on mobile. Requests with
Early Data will have the "Early-Data" HTTP header set on the
request, with a value of "1", to allow the backend to determine
whether Early Data was included. Note: TLS Early Data may allow
requests to be replayed, as the data is sent to the backend
before the handshake has fully completed. Applications that
allow idempotent HTTP methods to make non-idempotent changes,
such as a GET request updating a database, should not accept
Early Data on those requests, and reject requests with the
"Early-Data: 1" HTTP header by returning a HTTP 425 (Too Early)
status code, in order to remain RFC compliant. The default value
is DISABLED.
Enums
Name
Description
UNDEFINED_TLS_EARLY_DATA
A value indicating that the enum field is not set.
DISABLED
TLS 1.3 Early Data is not advertised, and any (invalid) attempts to send Early Data will be rejected by closing the connection.
PERMISSIVE
This enables TLS 1.3 0-RTT, and only allows Early Data to be included on requests with safe HTTP methods (GET, HEAD, OPTIONS, TRACE). This mode does not enforce any other limitations for requests with Early Data. The application owner should validate that Early Data is acceptable for a given request path.
STRICT
This enables TLS 1.3 0-RTT, and only allows Early Data to be included on requests with safe HTTP methods (GET, HEAD, OPTIONS, TRACE) without query parameters. Requests that send Early Data with non-idempotent HTTP methods or with query parameters will be rejected with a HTTP 425.
UNRESTRICTED
This enables TLS 1.3 Early Data for requests with any HTTP method including non-idempotent methods list POST. This mode does not enforce any other limitations. This may be valuable for gRPC use cases. However, we do not recommend this method unless you have evaluated your security stance and mitigated the risk of replay attacks using other mechanisms.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-11 UTC."],[],[],null,["# Class TlsEarlyData (1.35.0)\n\nVersion latestkeyboard_arrow_down\n\n- [1.35.0 (latest)](/python/docs/reference/compute/latest/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.34.0](/python/docs/reference/compute/1.34.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.33.0](/python/docs/reference/compute/1.33.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.32.0](/python/docs/reference/compute/1.32.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.31.0](/python/docs/reference/compute/1.31.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.30.0](/python/docs/reference/compute/1.30.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.29.0](/python/docs/reference/compute/1.29.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.28.0](/python/docs/reference/compute/1.28.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.27.0](/python/docs/reference/compute/1.27.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.26.0](/python/docs/reference/compute/1.26.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.25.0](/python/docs/reference/compute/1.25.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.24.0](/python/docs/reference/compute/1.24.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.23.0](/python/docs/reference/compute/1.23.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.22.0](/python/docs/reference/compute/1.22.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.21.0](/python/docs/reference/compute/1.21.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.20.1](/python/docs/reference/compute/1.20.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.19.2](/python/docs/reference/compute/1.19.2/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.18.0](/python/docs/reference/compute/1.18.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.17.0](/python/docs/reference/compute/1.17.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.16.1](/python/docs/reference/compute/1.16.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.15.0](/python/docs/reference/compute/1.15.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.14.1](/python/docs/reference/compute/1.14.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.13.0](/python/docs/reference/compute/1.13.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.12.1](/python/docs/reference/compute/1.12.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.11.0](/python/docs/reference/compute/1.11.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.10.1](/python/docs/reference/compute/1.10.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.9.0](/python/docs/reference/compute/1.9.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.8.0](/python/docs/reference/compute/1.8.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.7.0](/python/docs/reference/compute/1.7.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.6.1](/python/docs/reference/compute/1.6.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.5.2](/python/docs/reference/compute/1.5.2/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.4.0](/python/docs/reference/compute/1.4.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.3.2](/python/docs/reference/compute/1.3.2/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.2.0](/python/docs/reference/compute/1.2.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.1.0](/python/docs/reference/compute/1.1.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [1.0.0](/python/docs/reference/compute/1.0.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.9.0](/python/docs/reference/compute/0.9.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.8.0](/python/docs/reference/compute/0.8.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.7.0](/python/docs/reference/compute/0.7.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.6.0](/python/docs/reference/compute/0.6.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.5.0](/python/docs/reference/compute/0.5.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.4.2](/python/docs/reference/compute/0.4.2/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.3.0](/python/docs/reference/compute/0.3.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.2.1](/python/docs/reference/compute/0.2.1/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData)\n- [0.1.0](/python/docs/reference/compute/0.1.0/google.cloud.compute_v1.types.TargetHttpsProxy.TlsEarlyData) \n\n TlsEarlyData(value)\n\nSpecifies whether TLS 1.3 0-RTT Data (\"Early Data\") should be\naccepted for this service. Early Data allows a TLS resumption\nhandshake to include the initial application payload (a HTTP\nrequest) alongside the handshake, reducing the effective round\ntrips to \"zero\". This applies to TLS 1.3 connections over TCP\n(HTTP/2) as well as over UDP (QUIC/h3). This can improve\napplication performance, especially on networks where\ninterruptions may be common, such as on mobile. Requests with\nEarly Data will have the \"Early-Data\" HTTP header set on the\nrequest, with a value of \"1\", to allow the backend to determine\nwhether Early Data was included. Note: TLS Early Data may allow\nrequests to be replayed, as the data is sent to the backend\nbefore the handshake has fully completed. Applications that\nallow idempotent HTTP methods to make non-idempotent changes,\nsuch as a GET request updating a database, should not accept\nEarly Data on those requests, and reject requests with the\n\"Early-Data: 1\" HTTP header by returning a HTTP 425 (Too Early)\nstatus code, in order to remain RFC compliant. The default value\nis DISABLED."]]