The HTTP Clear-Site-Data response header is sent by a server to clear browsing-related data such as cache, Cookies, and certain types of storage.
The Clear-Site-Data header is intended to give servers better control over what is stored by web browsers. When the HTTP header is received, it is accompanied by one or more quoted-string directives to instruct the client concerning the data to be cleared.
cache directive serves as a request from the server to delete all of the locally cached data for the origin server. Certain implementations may also delete similar data such as script caches or automated suggestions for the browser’s address bar.
cookies directive is an indication that the server wants to clear all of the Cookies related to the origin server. This includes all types of credentials used for Authentication and authorization. The scope of this HTTP request is the entire domain, including any subdomains.
storage directive means that the server wants to remove all of the Document Object Module (DOM) storage on the local system for the origin server. This includes several different modules such as:
- WebSQL databases
- FileSytem API data
- Data related to plugins
- It executes localStorage.clear to clear localStorage
- It executes sessionStorage.clear, doing the same for session storage
This directive is a request from the server to reload all of the browsing contexts for the origin server.
* directive is a wildcard that serves as a request to erase all types of data for the origin server. This covers the aforementioned types, as well as any directives that may be released in the future.
In this example, the user has logged out and the server wants to delete all of the locally stored data.
The Clear-Site-Data HTTP header provides a mechanism for a server to request that locally stored browsing-related data be deleted from the client.