Possibly note the Clear-Site-Data header

[craigfrancis]

Under the heading "Consider what to do with user session data", it might be worth noting that some websites might want to use the Clear-Site-Data header (Specification, MDN Article).

This header helps if the user forgot to use Private Browsing Mode, and isn't familiar with clearing their browsing data (which in itself can be suspicious).

This header does not clear the browsers history (as websites cannot/should-not be able to do this); but it does leave less traces of the website on the users computer (cookies, caches, localStorage, service workers, etc), which shows greater engagement with the website, and could include an active session showing a username and account details.

I believe the Exit This Page link will need to use a redirect (i.e. go to a URL on the current website, which sets this header, and a Location header for the redirect). This will increase the loading time for the destination page, but loading time is always going to be a problem (and why a loading overlay is essential, because even a basic link to another website can take many seconds to begin loading - ref mobile phones with a poor connection, slow laptops running a virus checker, etc).