From 9474756c78f7c48c732e6de9e9f2790a1e8bfe04 Mon Sep 17 00:00:00 2001
From: Antoine Lamirault <lamiraultantoine@gmail.com>
Date: Sun, 23 Nov 2025 19:51:52 +0100
Subject: [PATCH] [Security] add missing `Clear-Site-Data` directives

---
 reference/configuration/security.rst | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
index f5382376cc0..63ec4df6b76 100644
--- a/reference/configuration/security.rst
+++ b/reference/configuration/security.rst
@@ -373,7 +373,8 @@ The ``Clear-Site-Data`` HTTP header clears browsing data (cookies, storage, cach
 associated with the requesting website. It allows web developers to have more
 control over the data stored by a client browser for their origins.
 
-Allowed values are ``cache``, ``cookies``, ``storage`` and ``executionContexts``.
+Allowed values are ``cache``, ``cookies``, ``storage``, ``clientHints``, ``executionContexts``,
+``prefetchCache`` and ``prerenderCache``.
 It's also possible to use ``*`` as a wildcard for all directives:
 
 .. configuration-block::
@@ -406,6 +407,11 @@ It's also possible to use ``*`` as a wildcard for all directives:
                     ->clearSiteData(['cookies', 'storage']);
         };
 
+.. versionadded:: 8.1
+
+    The ``clientHints``, ``prefetchCache`` and ``prerenderCache`` options were
+    introduced in Symfony 8.1.
+
 invalidate_session
 ..................