Skip to content

re: Is there anything I should know about cookies as both webdev and end-user? VIEW POST


As I know, the cookie cannot be edited capturing the http package, the content is in your browser, as it is localstorage. The thing I can do is steal a cookie, if the server config only trust in cookie id to retrieve session, I can collide the cookie and start navigating as I was you. In principle, localstorage is as safe as it is the hypervisor of the browser, pretty good I think. I love serverless so I don't use cookies anymore in my projects, tokens in localstorage and/or sesessionstorage is fine.

code of conduct - report abuse