The Clear-Site-Data header clears browsing data (cookies, storage, cache) associated with the requesting website. It allows web developers to have more control over the data stored locally by a browser for their origins.

Header type Response header
Forbidden header name no

Syntax

The Clear-Site-Data header accepts one or more directives. If all types of data should be cleared, the wildcard directive ("*") can be used.

// Single directive
Clear-Site-Data: "cache"

// Multiple directives (comma separated)
Clear-Site-Data: "cache", "cookies"

// Wild card
Clear-Site-Data: "*"

Directives

"cache"
Indicates that the server wishes to remove locally cached data (i.e. the browser cache, see HTTP caching) for the origin of the response URL. Depending on the browser, this might also clear out things like pre-rendered pages, script caches, WebGL shader caches, or address bar suggestions.
"cookies"
Indicates that the server wishes to remove all cookies for the origin of the response URL. HTTP authentication credentials are also cleared out. This affects the entire registered domain, including subdomains. So https://example.com as well as https://stage.example.com, will have cookies cleared.
"storage"
Indicates that the server wishes to remove all DOM storage for the origin of the response URL. This includes storage mechanisms such as:
"executionContexts"
Indicates that the server wishes to reload all browsing contexts for the origin of the response (Location.reload).
"*" (wildcard)
Indicates that the server wishes to clear all types of data for the origin of the response. If more data types are added in future versions of this header, they will also be covered by it.

Examples

Sign-out

If a user signs out of your website or service, you might want to remove locally stored data. You can achieve that by adding the Clear-Site-Data header to the response of https://example.com/logout:

Clear-Site-Data: "cache", "cookies", "storage", "executionContexts"

Clearing cookies

If this header is delivered with the response at https://example.com/clear-cookies, all cookies on the same domain https://example.com and any subdomains (like https://stage.example.com, etc), will be cleared out.

Clear-Site-Data: "cookies"

Specifications

Specification Status Title
Clear Site Data Working Draft Initial definition.

Browser compatibility

Update compatibility data on GitHub
DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidiOS SafariSamsung Internet
Basic support
Experimental
Chrome Full support 61Edge ? Firefox Full support 63
Full support 63
Full support 62
Disabled
Disabled From version 62: this feature is behind the dom.clearSiteData.enabled preference (needs to be set to true). To change preferences in Firefox, visit about:config.
IE ? Opera Full support 48Safari ? WebView Android Full support 61Chrome Android Full support 61Edge Mobile ? Firefox Android Full support 63
Full support 63
Full support 62
Disabled
Disabled From version 62: this feature is behind the dom.clearSiteData.enabled preference (needs to be set to true). To change preferences in Firefox, visit about:config.
Opera Android Full support 48Safari iOS ? Samsung Internet Android ?

Legend

Full support  
Full support
Compatibility unknown  
Compatibility unknown
Experimental. Expect behavior to change in the future.
Experimental. Expect behavior to change in the future.
User must explicitly enable this feature.
User must explicitly enable this feature.

See also

Document Tags and Contributors

Contributors to this page: mfuji09, ExE-Boss, fscholz
Last updated by: mfuji09,