[FYI] Clear Client Hints via Clear-Site-Data header #871
Labels
Missing: Multi-stakeholder support
Lack of multi-stakeholder support
Resolution: satisfied with concerns
The TAG is satisfied with this work overall but requires changes
Topic: Client Hints
Venue: WICG
Milestone
こんにちは TAG-さん!
I'm requesting a TAG review of Clear Client Hints via Clear-Site-Data header.
Websites will now be able to clear the client hints cache using
Clear-Site-Data: “clientHints”
. Client hints will also now be cleared when “cookies”, “cache”, or “*” are targeted by the same header. This is because if the user clears cookies in the UI client hints are already cleared as well, the client hints cache is a cache, and to be consistent with wildcard targets respectively.Further details:
You should also know that...
The only current way for a website to force the client hint cache to be cleared is to send a single header like
Accept-CH:
with no content. If any otherAccept-CH:
headers are sent at all (empty or not) this will cause all of them to be ignored. If theAccept-CH
header is injected into an HTTP response at multiple points, it can be difficult to silence them all when one part of the server wishes to clear all hints. This header provides a way to do that, as theClear-Site-Data: “clientHints”
header clears the cache and causes all otherAccept-Ch
orCritical-CH
headers to be ignored.We'd prefer the TAG provide feedback as (please delete all but the desired option):
🐛 open issues in our GitHub repo for each point of feedback
The text was updated successfully, but these errors were encountered: