Contact emails
ari...@chromium.org, mike...@chromium.org, yoav...@chromium.org
Specification
https://w3c.github.io/webappsec-clear-site-data/
Summary
Websites will now be able to clear all storage targets (“cookies”, “cache”, and “storage”) by sending `Clear-Site-Data: “*”`. Note that Chrome does not support clearing “executionContexts” at the moment, but if we added it in the future any header targeting “*” would then clear them too.
Note: This was proposed in 2017, but never launched in Chrome.
Blink component
Motivation
If a website really wanted to clear all data they would have to list all possible targets in the header and be sure to check if any were added in the future. By using “*” as the target, a website can be sure all data the browser supports to clear via the header will be cleared.
TAG review
https://github.com/w3ctag/design-reviews/issues/62
We would be the first to implement if approved.
Gecko: Positive
WebKit: No current support
Web Developers: None so far
Is this feature fully tested by web-platform-tests?
https://wpt.fyi/results/client-hints/clear-site-data?label=experimental&label=master&aligned
https://wpt.fyi/results/clear-site-data?label=experimental&label=master&aligned
Tracking bug
Link to entry on the Chrome Platform Status
Contact emails
ari...@chromium.org, mike...@chromium.org, yoav...@chromium.org
Specification
https://w3c.github.io/webappsec-clear-site-data/
Summary
Websites will now be able to clear all storage targets (“cookies”, “cache”, and “storage”) by sending `Clear-Site-Data: “*”`. Note that Chrome does not support clearing “executionContexts” at the moment, but if we added it in the future any header targeting “*” would then clear them too.
Note: This was proposed in 2017, but never launched in Chrome.
Blink component
Motivation
If a website really wanted to clear all data they would have to list all possible targets in the header and be sure to check if any were added in the future. By using “*” as the target, a website can be sure all data the browser supports to clear via the header will be cleared.
TAG review
https://github.com/w3ctag/design-reviews/issues/62
Compatibility & Interoperability
We would be the first to implement if approved.
Gecko: Positive
WebKit: No current support
Web Developers: None so far
Is this feature fully tested by web-platform-tests?
https://wpt.fyi/results/client-hints/clear-site-data?label=experimental&label=master&aligned
https://wpt.fyi/results/clear-site-data?label=experimental&label=master&aligned
Tracking bug
Link to entry on the Chrome Platform Status
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGpy5DLiBdF2iFZxhr7Uu0HEm6NtickKF2T_D1nvymYCCuV%3DHQ%40mail.gmail.com.
Seems like a pretty tiny addition to an already shipped feature. Just one question on future compat:On Mon, Jul 17, 2023 at 7:34 AM Ari Chivukula <ari...@chromium.org> wrote:Contact emails
ari...@chromium.org, mike...@chromium.org, yoav...@chromium.org
Specification
https://w3c.github.io/webappsec-clear-site-data/
Summary
Websites will now be able to clear all storage targets (“cookies”, “cache”, and “storage”) by sending `Clear-Site-Data: “*”`. Note that Chrome does not support clearing “executionContexts” at the moment, but if we added it in the future any header targeting “*” would then clear them too.
What's the risk we'll find we can't actually do that for web compat reasons? Eg. sites deploying "*" today without appreciating the implications of asking for pages to be reloaded, then when we add "executionContexts" support in the future the user experience degrades enough that we can't actually ship it as part of the "*" set? Do we have guidance for developers on when to use "*" vs. a specific list?
Note: This was proposed in 2017, but never launched in Chrome.
Blink component
Motivation
If a website really wanted to clear all data they would have to list all possible targets in the header and be sure to check if any were added in the future. By using “*” as the target, a website can be sure all data the browser supports to clear via the header will be cleared.
TAG review
https://github.com/w3ctag/design-reviews/issues/62
Compatibility & Interoperability
We would be the first to implement if approved.
Does Firefox (and older Chrome) just ignore the "*" token today? I.e. can developers list a set of tokens along with "*" in order to use this compatibly on both Chrome and Firefox?
LGTM2
/Daniel
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAFUtAY8S4erdt0A6NnZ%2B%3Dkqj589%3Dxb7Oumk%3D2j4_3aQ9p5%2Bitg%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/fed5dc9b-4ea3-185d-4039-c1cd33578abf%40gmail.com.