
pmgzo

Saving session token in web app

Hi everyone, in this new post I want to share how to save the identification token in your frontend app.

First, I suggest reading this paper, which describes many vulnerabilities in web apps: https://owasp.org/www-project-developer-guide/draft/

I couldn't find the PDF, but basically if you go to their GitHub by typing "OWASP", you will definitely find it.

Anyway, in this paper they state that we should not store the session token in localStorage, because if you go to another website, that website could have access to this session token, which is a serious vulnerability.

So what should you do instead?

They propose storing the session token in the window's sessionStorage property.
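
As an added example (not code from the original post or from OWASP), the sketch below keeps the token in `sessionStorage`, which the browser scopes to the current tab and clears when the tab closes, and deletes any copy an older build left in `localStorage`. The key name `session_token`, the function names and the in-memory `MemoryStorage` stand-in are assumptions made for illustration.

```javascript
// Assumed key name for this example; use whatever key your app already uses.
const TOKEN_KEY = "session_token";

// Minimal stand-in for the Web Storage API (constructed for this example)
// so the code also runs outside a browser.
class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
}

// Store the token for the current tab only and drop any persistent copy.
function saveToken(token, session = globalThis.sessionStorage,
                   local = globalThis.localStorage) {
  if (typeof token !== "string" || token.length === 0) {
    throw new TypeError("token must be a non-empty string");
  }
  session.setItem(TOKEN_KEY, token);
  local.removeItem(TOKEN_KEY);
}

// Read the token; a legacy localStorage copy is moved into sessionStorage once.
function loadToken(session = globalThis.sessionStorage,
                   local = globalThis.localStorage) {
  const legacy = local.getItem(TOKEN_KEY);
  if (legacy !== null) {
    local.removeItem(TOKEN_KEY);
    if (session.getItem(TOKEN_KEY) === null) session.setItem(TOKEN_KEY, legacy);
  }
  return session.getItem(TOKEN_KEY);
}

// Logout: remove the token from both storage areas.
function clearToken(session = globalThis.sessionStorage,
                    local = globalThis.localStorage) {
  session.removeItem(TOKEN_KEY);
  local.removeItem(TOKEN_KEY);
}

// Walk-through with constructed token values and in-memory storage.
function demo() {
  const session = new MemoryStorage();
  const local = new MemoryStorage();
  local.setItem(TOKEN_KEY, "legacy-token-123"); // copy left by an older build
  const migrated = loadToken(session, local);
  const leftInLocal = local.getItem(TOKEN_KEY);
  saveToken("fresh-token-456", session, local);
  const current = loadToken(session, local);
  clearToken(session, local);
  return { migrated, leftInLocal, current, afterLogout: loadToken(session, local) };
}
```

In a browser, call `saveToken(token)` after login and `clearToken()` on logout; the default arguments resolve to the real `sessionStorage` and `localStorage`.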

That's it for today. I hope you enjoyed this post.

See you in the next one 👊

#web #frontend #websecurity
