Scribd
Upload
22 views

Localstorage Sessionstorage Cookies

The document discusses localStorage, sessionStorage, and cookies. LocalStorage stores data persistently in the browser even when the window is closed. SessionStorage stores data persistently until the window is closed. Cookies can store data persistently, are automatically sent to the server, and can be configured for security with flags like HttpOnly and Secure.

Uploaded by

John Doe
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
22 views

Localstorage Sessionstorage Cookies

The document discusses localStorage, sessionStorage, and cookies. LocalStorage stores data persistently in the browser even when the window is closed. SessionStorage stores data persistently until the window is closed. Cookies can store data persistently, are automatically sent to the server, and can be configured for security with flags like HttpOnly and Secure.

Uploaded by

John Doe
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

localStorage

sessionStorage
cookies
localStorage

persistent in browser memory.


accessible with JavaScript only.
not automatically sent to the server during an HTTP request.
localStorage

localStorage.setItem('greeting', 'Hello World!');

localStorage.removeItem('greeting');
sessionStorage

deleted once the browser tab or window is closed.


accessible with JavaScript only.
not automatically sent to the server during an HTTP request.
sessionStorage

sessionStorage.setItem('greeting', 'Hello World!');

sessionStorage.removeItem('greeting');
cookies 🍪
persistent in browser memory.
inaccessible with JavaScript (with the HttpOnly flag).
automatically sent to the server during an HTTP request.
Authentication data stored with localStorage or sessionStorage are
vulnerable to cross-site scripting XSS attacks.

cookies when used with the HttpOnly flag are not accessible with
JavaScript and are thus immune to XSS attacks.

cookies when used with the Secure flag ensure cookies can only be sent
securely through HTTPS.
Cookies are vulnerable to cross-site request forgery CSRF attacks.

Flags to help mitigate CSRF

SameSite
XCSRFTOKEN

You might also like