How to strip EXIF (camera, GPS) from images locally

EXIF often leaks more than the picture itself

A single JPEG taken on a phone quietly carries a record of when, where, and with what it was shot. EXIF stores the capture time down to the second, GPS latitude/longitude/altitude/heading, the device model (iPhone 15 Pro, Pixel 8, Sony A7 IV), lens focal length, shutter speed, ISO, white balance, and sometimes the camera body’s serial number. Social posts, marketplace listings, blog headers, profile pictures on hiring sites — none of these have that information in the body text, yet it sits inside the first few kilobytes of every image file.

The risk is that only the invisible layer leaks. Post a cat photo from your living room with GPS intact and six decimal places of latitude pin down the front door in seconds. A watch review photo carrying the model and serial number becomes ready-made material for forged warranty cards. A burst of pictures with consecutive timestamps reveals a movement pattern and how long you stayed where. “Sharing an image” doubles as “copying the entire context the image was taken in”.

The browser-only flow for stripping EXIF

To wipe the metadata in bulk, open image-exif-strip and drag JPEG, PNG, or WebP files onto the page. You can drop multiple files at once; each one lists the metadata blocks it found before you choose to remove them, and the cleaned versions can be downloaded individually or as a single ZIP. For JPEG the tool edits the byte stream of the APP1 segment directly rather than re-encoding the pixels, so the visual quality of the output is bit-exact identical to the input.

If your use case is “keep the capture date and camera info as a record, but hide the GPS only” — typical for travel photos or photography portfolios — exif-gps-strip is the surgical version. It targets only GPSLatitude, GPSLongitude, GPSAltitude, GPSImgDirection, and the sibling tags, while leaving DateTimeOriginal, Model, and LensModel intact. After running either tool you can verify the result by feeding the cleaned file into image-info, which lists whatever metadata is still present.

JPEG’s APP1, PNG’s tEXt, WebP’s EXIF chunk

Different image formats stash metadata in different places. JPEG starts with the SOI marker (0xFFD8); right after it sits an APP1 segment (0xFFE1) carrying a TIFF-formatted IFD (Image File Directory) — that is where EXIF lives, and XMP typically rides along inside another APP1. PNG uses dedicated tEXt, iTXt, and eXIf chunks that live alongside the pixel chunks. WebP holds its EXIF and XMP as RIFF subchunks. In every format the metadata is in its own section, separate from the pixel data, which is why a tool can rewrite the file without touching the image at all.

Internally the tool uses the FileReader API to load the binary into an ArrayBuffer, detects the format, walks the segment headers, and slices the offending sections out. Going through a canvas would also remove most metadata, but it would put the JPEG pixels through a re-encode and lose quality in the process. Byte-level editing keeps the original pixel bytes 100 % intact. The thumbnail EXIF — a tiny embedded JPEG preview that lives inside the main EXIF block — is removed in the same pass, which fixes the classic mistake of stripping the visible image and forgetting the thumbnail still carried GPS.

What you give up by uploading to a “metadata remover”

Search for “EXIF remover online” and the results are largely services where you pick a file in the browser and ship it to their backend. Uploading an image to remove its location is structurally backwards. Most terms of use grant the operator a non-exclusive licence to “improve the service” using uploaded content, and even if they honour a delete request you can never audit the CDN caches, error logs, or backup snapshots that already touched the file. Photos with embedded GPS, faces, and timestamps are exactly the kind of data that has lasting value as training material — the very thing you wanted to remove ends up at the operator first.

In-browser stripping has no upload path in the code. image-exif-strip and exif-gps-strip rely only on the FileReader API, plain JavaScript binary editing, and Blob output; the full source is on GitHub and can be audited line by line. Open DevTools with “Preserve log” enabled, run the strip, download the ZIP, and observe that no request related to the image bytes goes out — only the initial HTML/JS/WASM load. The asymmetry of “delete my address by sending my address to a stranger” disappears once the operation never crosses your tab boundary.