Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Ilya Beloborodov2021-04-20 15:48:15
XSS
Ilya Beloborodov, 2021-04-20 15:48:15

Is it ok to store a user's email in localStorage?

There is an idea to remember the user's email:

There is an authorization form, if the visitor has successfully logged in, I save his email in localStorage.
The next time, when I visit a page with a login form, I insert his soap into the corresponding input (so that he does not remember for a long time which soap he used during registration, in case he did not save it in the browser).

What are the risks of this decision?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Andrey Sanych, 2021-04-20
@kowap

There is only one risk - if you have third-party scripts on your site and they scour localStorage, then they will borrow all the contents of the localstorage to themselves

Similar questions
E
entermix2015-02-05 01:33:05
Why does HTMLPurifier work this way? 1Reply
I
Isaac Clark2015-03-03 16:36:52
Which htmlEntities are used by Facebook, Google or Twitter? 2Reply
R
Ruslan Dobrioglo2021-03-16 21:11:47
Should I report an XSS vulnerability to the site owner? 2Reply
P
Pavel K2017-06-18 00:05:10
How to do JSON escaping? 1Reply
B
BonBon Slick2017-12-26 21:58:09
What are the main methods of protecting the service API? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question