• 0

Local Storage Security


Question

As a Web developer, I'd like to use HTML5's Local Storage on some of my sites, but I'm wondering about security issues. When Local Storage data is saved, is it stored in a secure manner? Since it is accessible through the localStorage variable, the user can read off all its contents, right?

Link to comment
Share on other sites

4 answers to this question

Recommended Posts

  • 0

Its like cookies, only the data stored by the website can be access by that website. But just like cookies you shouldn't trust it.

Link to comment
Share on other sites

  • 0

Every browser would store it differently, Firefox I think stores it in an SQLite database. But it should be treated the same as Cookies, if the information is something the user shouldn't get his hands on then don't give it to him (Safari presents it in a table to the user via the web developer panel)

Link to comment
Share on other sites

  • 0

Every browser would store it differently, Firefox I think stores it in an SQLite database. But it should be treated the same as Cookies, if the information is something the user shouldn't get his hands on then don't give it to him (Safari presents it in a table to the user via the web developer panel)

Chrome's HTML5, like Firefox, uses SQLite and is open to SQL injection

HTML 5 could help spur SQL injection attacks on client machines : https://www.neowin.net/forum/topic/900658-html-5-could-help-spur-sql-injection-attacks-on-client-machines/page__p__592615944__hl__sqlite__fromsearch__1entry592615944

Link to comment
Share on other sites

  • 0

I think it's only WebKit browsers that support the SQL DB spec, IE9 and Firefox 4 are going to support another spec which has no SQL in it.

Edit: Basically, the SQL DB is the old spec that has been replaced with the "IndexedDB" spec.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.