Skip to content

[Security] add missing Clear-Site-Data directives #62322

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fabpot merged 1 commit into from
Nov 20, 2025
Merged

[Security] add missing Clear-Site-Data directives #62322

fabpot merged 1 commit into from
Nov 20, 2025

Conversation

@xabbuh
Copy link
Member

@xabbuh xabbuh commented Nov 6, 2025
edited
Loading

Q A
Branch? 7.4
Bug fix? no
New feature? yes
Deprecations? no
Issues
License MIT

@xabbuh xabbuh requested a review from chalasr as a code owner November 6, 2025 08:05
@carsonbot carsonbot added this to the 6.4 milestone Nov 6, 2025
@carsonbot carsonbot changed the title [Security] add missing Clear-Site-Data directives [Security] add missing Clear-Site-Data directives Nov 6, 2025
@xabbuh
Copy link
Member Author

xabbuh commented Nov 6, 2025

not sure why these directives were not added in #49306, maybe they were added to the documentation afterwards

/cc @maxbeckers

maxbeckers
maxbeckers approved these changes Nov 6, 2025
View reviewed changes
Copy link
Contributor

@maxbeckers maxbeckers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@xabbuh might be like that. When I implemented that, i implemented it based on that documentation.

@stof
Copy link
Member

stof commented Nov 6, 2025

Those ones are new experimental features in browsers (see the "experimental" icons in https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Clear-Site-Data#directives).
They have not just been added later in the documentation, but also in the spec.

@xabbuh
Copy link
Member Author

xabbuh commented Nov 6, 2025

We currently already support the executionContexts directive which is also experimental. Though if they were later added to the spec I'd also be fine to add this as a new feature.

@stof
Copy link
Member

stof commented Nov 6, 2025

We currently already support the executionContexts directive which is also experimental.

This one is experimental since more time 😄

@xabbuh xabbuh changed the base branch from 6.4 to 7.4 November 13, 2025 07:48
@xabbuh xabbuh added Feature and removed Bug labels Nov 13, 2025
@xabbuh xabbuh force-pushed the pr-49306 branch 2 times, most recently from 45a5e25 to 8f6980d Compare November 13, 2025 07:51
@xabbuh
Copy link
Member Author

xabbuh commented Nov 13, 2025

rebased and relabeled so that we can merge it once we start the development of 8.1

@nicolas-grekas nicolas-grekas modified the milestones: 6.4, 7.4 Nov 13, 2025
@OskarStark OskarStark changed the title [Security] add missing Clear-Site-Data directives [Security] add missing Clear-Site-Data directives Nov 13, 2025
@nicolas-grekas nicolas-grekas modified the milestones: 7.4, 8.1 Nov 16, 2025
@nicolas-grekas
Copy link
Member

nicolas-grekas commented Nov 17, 2025

(rebase needed though)

@fabpot
Copy link
Member

fabpot commented Nov 20, 2025

Thank you @xabbuh.

@fabpot fabpot merged commit 0991d0c into symfony:8.1 Nov 20, 2025
8 of 10 checks passed
@fabpot fabpot mentioned this pull request Nov 20, 2025
Closed
@xabbuh xabbuh deleted the pr-49306 branch November 20, 2025 08:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fabpot fabpot fabpot approved these changes

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

+1 more reviewer

@maxbeckers maxbeckers maxbeckers approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Feature Security Status: Reviewed

Projects

None yet

Milestone

8.1

Development

Successfully merging this pull request may close these issues.

6 participants

@xabbuh @stof @nicolas-grekas @fabpot @maxbeckers @carsonbot