May 14, 2019

425 Too Early

When a HTTP client makes a connection to a HTTPS server, it uses TLS to create a secure connection. TLS can have a bit of a complicated ‘handshake’ to establish the connection. Because there’s a bunch of back and forward, this can take a long time, especially when there’s a lot of latency between server and client.

There are ways for clients to optimize this setup by sending a bunch of data very early in the process, before the full TLS connection is completely setup.

In some cases this can cause security problems. In those cases a the server can tell the client to retry a specific HTTP request after the TLS connection has been fully set up

In these situations, it will return the 425 Too Early status code.

Normally, you would never have to deal with this status code as a developer, unless you are creating HTTP(s) servers from scratch.

References

RFC8470, Section 5.2 - 425 Too Early

HTTP series

This article is part of a series about the HTTP protocol. Read them all here:

Series of posts on HTTP status codes (2018-06-27)

Informational 1xx

100 Continue (2018-06-27)
101 Switching Protocols (2018-06-28)
102 Processing (2018-06-29)
103 Early Hints (2018-06-30)

Successful 2xx

200 OK (2018-07-03)
201 Created (2018-07-10)
202 Accepted (2018-07-17)
203 Non-Authoritative Information (2018-07-24)
204 No Content (2018-07-31)
205 Reset Content (2018-08-07)
206 Partial Content (2018-08-14)
207 Multi-Status (2018-08-21)
208 Already Reported (2018-08-28)
226 IM Used (2018-09-04)

Redirection 3xx

300 Multiple Choices (2018-09-11)
301 Moved Permanently (2018-09-18)
302 Found (2018-09-25)
303 See Other (2018-10-02)
304 Not Modified (2018-10-09)
305 Use Proxy (2018-10-16)
306 Switch Proxy (2018-10-23)
307 Temporary Redirect (2018-10-30)
308 Permanent Redirect (2018-11-06)
Which redirect do I choose? (2018-11-07)

Client Error 4xx

400 Bad Request (2018-11-13)
401 Unauthorized (2018-11-20)
402 Payment Required (2018-11-27)
403 Forbidden (2018-12-04)
404 Not Found (2018-12-11)
405 Method Not Allowed (2018-12-18)
406 Not Acceptable (2019-01-08)
407 Proxy Authentication Required (2019-01-15)
408 Request Timeout (2019-01-22)
409 Conflict (2019-01-29)
410 Gone (2019-02-05)
411 Length Required (2019-02-12)
412 Precondition Failed (2019-02-19)
413 Payload Too Large (2019-02-26)
414 URI Too Long (2019-03-05)
415 Unsupported Media Type (2019-03-12)
416 Range Not Satisfiable (2019-03-19)
417 Expectation Failed (2019-03-26)
418 I'm a teapot (2019-04-02)
420 Enhance your calm (2019-04-09)
421 Misdirected Request (2019-04-16)
422 Unprocessable Entity (2019-04-23)
423 Locked (2019-04-30)
424 Failed Dependency (2019-05-07)
425 Too Early (2019-05-14)
426 Upgrade Required (2019-05-21)
428 Precondition Required (2019-05-28)
429 Too Many Requests (2019-06-04)
430 Would Block (2019-06-11)
431 Request Header Fields Too Large (2019-06-18)
451 Unavailable For Legal Reasons (2019-06-25)

Server Error 5xx

500 Internal Server Error (2019-07-02)
501 Not Implemented (2019-07-09)
502 Bad Gateway (2019-07-16)
503 Service Unavailable (2019-07-23)
504 Gateway Timeout (2019-07-30)
505 HTTP Version Not Supported (2019-08-06)
506 Variant Also Negotiates (2019-08-13)
507 Insufficient Storage (2019-08-20)
508 Loop Detected (2019-08-30)
510 Not Extended (2019-09-05)
511 Network Authentication Required (2019-09-10)
The end of the HTTP series (2019-09-18)

Web mentions