Questions tagged [local-storage]
55 questions
0
votes
0 answers
Should you even bother trying to hide authentication from XSS?
I read a comment on here that goes something like "trying to hide user authentication from an XSS attack is like reinforcing your fridge against a nuclear bomb; at that point, you've got much bigger problems to worry about, and nothing you reinforce…
Roy He
- 1
0
votes
1 answer
Is storing a short lived JWT on initial login in LocalStorage safe?
I was reading this question and still have doubts about my use case.
I know it's unsafe to store a JWT in local/session storage due to XSS attacks. But what if it's for a JWT that only lasts 1 min when they first login? The client would then use…
tbd_
- 101
- 1
0
votes
0 answers
Ionic local storage store sensitive data for private app
I'm new to the ionic framework and have some basics of it and currently I'm developing a private app for my family only that store some sensitive information in the localstorage. I used some crypto libraries to encrypt the whole data to prevent…
hacek
- 1
0
votes
1 answer
Storing encrypted tokens in LocalStorage
I am building a JavaScript application that will run in a web browser but also as a pseudo-native mobile application via Apache Cordova. It communicates via API to a separate backend service.
The app requires that the user be prompted for some kind…
oogles
- 101
- 2
0
votes
1 answer
localStorage vs. HTTP-Only Cookies + XSRF: Is either better when it comes to XSS?
If I were to implement a common OpenID Connection pattern on a SPA, I might have the following relationship:
Auth server <-----------> Client (browser) <-----------> App API server
The user would be redirected to the auth server to login, and an…
M Miller
- 153
- 1
- 4
0
votes
1 answer
Store password in Chrome exclusively online
I have read about the functioning of Chrome for storing passwords. I realized that it stores an encrypted sql database locally and it also stores them online. I find it more secure to have them only online.
Is there a way to store them exclusively…
KB303
- 423
- 2
- 5
- 15
0
votes
1 answer
Can I store secrets in localStorage? Will malware have access to it?
If a Windows user downloaded and ran a pirated computer game that contained malware and is granted administrative privileges, will it have access to localStorage or browser cookies?
golopot
- 109
- 1
0
votes
0 answers
Is keeping business data in browser database websql secure?
Knowing that
Server always validates the data before saving it.
Browser app is generating the data based on user input and some business logic and is storing it locally.
Browser app then synchronize with server to save locally generated data and…
gurvinder372
- 823
- 2
- 8
- 9
-1
votes
1 answer
How can MyKi transfer data from iOS to macOS without a server?
MyKi.co claims to be able to transfer your passwords securely from your iOS device to the macOS without having to relay through their own servers. But how is this possible?
"Your sensitive data is not stored in the cloud." -> https://myki.co/faq
It…
FooBar
- 139
- 5
-3
votes
1 answer
What led to the prominence of storing JWTs in localstorage?
Could somebody explain how and why a majority of new webapps are storing their JWTs/tokens in localStorage? It doesn't seem to be by chance, anyone familiar with this history and perhaps factors from the industry that lead to this. This is just a…
jia chen
- 149
- 4