Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Nikolaev2018-02-19 14:57:55
JavaScript
Alexey Nikolaev, 2018-02-19 14:57:55

Is localStorage a better choice than cookies?

Good day.
There is a need to store a token that will only be used on the client. Only the client will receive it too. At first I thought to write it to the cookie, but then I remembered sessionStorage. Cookies are transmitted along with headers, but web storage is not, therefore, an attacker will be able to steal data from the storage only through xss or direct access to the computer, which is impossible with the proper approach. Or a virus.
Is web storage more secure than cookies? Is it a good practice when creating a SPA to write some kind of authorization data in the store, and not in cookies (public key, api token, etc.)?
Thanks in advance.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
S
sim3x, 2018-02-19
@sim3x

And if you use http cookies, then xss will not help

Report
S
Stalker_RED, 2018-02-19
@Stalker_RED

Are you inventing your own version of JWT ?

Similar questions
N
nicknameuser2017-06-11 04:26:24
Do you have a "math mind"? 5Reply
W
wolron2021-05-07 16:23:52
How does liking a video on YouTube increase views in my city? 2Reply
A
alex14782019-11-11 21:15:05
Has anyone compared libcurl and requests (python)? 2Reply
D
Daniel Chistyakov2021-05-10 11:57:42
How to change styles on a specific React child element? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question