re: LocalStorage vs Cookies: All You Need To Know About Storing JWT Tokens Securely in The Front-End VIEW POST


I guess if your website is vulnerable to XSS attack, it's game over anyway 😐 JWT token now doesn't matter. What's your thoughts?


Hi Pankaj, yep I agree with you! It's true that if your site is vulnerable to XSS attack then technically the attacker can do almost whatever they want. However, it is possible to make it harder for the attacker to read/use the access token, which might help in some cases.

Code of Conduct Report abuse