DEV Community

loading...

Discussion on: LocalStorage vs Cookies: All You Need To Know About Storing JWT Tokens Securely in The Front-End

Collapse
putrikarunia profile image
Putri Karunia

Hi Will, Putri here – Michelle' cofounder.

Yes, technically if your site is vulnerable to XSS, the attacker can do a lot of damage no matter where you store the token. The options above are intended to help in making it harder for the attacker to obtain the access token itself.

Forem Open with the Forem app