Is local storage in browser safe?

Question

No. localStorage is accessible by any webpage, and if you have the key, you can change whatever data you want. That being said, if you can devise a way to safely encrypt the keys, it doesn't matter how you transfer the data, if you can contain the data within a closure, then the data is (somewhat) safe. 6 янв. 2015 г.

Can browser local storage be hacked?

If an attacker can run JavaScript on your website, they can retrieve all the data you've stored in local storage and send it off to their own domain. This means anything sensitive you've got in local storage (like a user's session data) can be compromised.

When should I use browser local storage?

Local storage allows developers to store and retrieve data in the browser. The data stored in local storage will not expire. This means the data will persist even if the tab or the browser window is closed.

Is it good to save data in local storage?

Having LocalStorage available per domain prevents malicious JavaScript hosted on other websites from manipulating or reading our client data that's used by our domain. Each domain can store up to 5MB of data in LocalStorage. Also, our data isn't sent to the server when an HTTP request is made.

Why is local storage not safe?

Local Storage offers isolation per the Same Origin Policy, meaning that one origin cannot access the Local Storage of another Origin. Data stored there is saved across browser sessions, so if a user closes the browser tab or window, the data will still be available in the Local Storage when the user revisits the page.

Expert · Answer