Can localStorage replace cookies?

Question

Local Storage (you'll find it under Web Storage on W3) is and isn't a replacement for cookies. That's what's most confusing about it. In most cases, you can safely use localStorage instead of cookies and get the (wrong) impression that they are the same, while they are not. 21 авг. 2018 г.

Is localStorage same as cookies?

Cookies and local storage serve different purposes. Cookies are primarily for reading server-side, local storage can only be read by the client-side. So the question is, in your app, who needs this data — the client or the server? If it's your client (your JavaScript), then by all means switch.

Cookies and local storage serve different purposes. Cookies are mainly for reading server-side, whereas local storage can only be read by the client-side . Apart from saving data, a big technical difference is the size of data you can store, and as I mentioned earlier localStorage gives you more to work with.

Unlike Cookies where all Cookies (for that domain) are sent on each request, Local and Session Storage data aren't sent on each HTTP request. They just sit in your browser until someone requests it. Each browser has a different specifications on how much data can be stored inside Local and Session Storage.

Is local storage safer than cookies?

LocalStorage/SessionStorage is vulnerable to XXS attacks. Access Token can be read by JavaScript. Cookies, with httpOnly, secure and SameSite=strict flags, are more secure.

Expert · Answer