re: Please Stop Using Local Storage VIEW POST

re: Sorry, but as far as I see the whole point of this article is (for the security argument) to not use local storage, because of XSS attacks. XSS at...

Tom add: Yes, httpOnly (and sameSite) cookies add some security and when you can use them, it's great (for session cookies e.g.)! However, it's also a thing you need to use. You can also use local storage as secure as this.

My point is just, this article calls out local storage as insecure and only shortly explains how cookies should be done to be more secure! It's not at all obvious that when you don't do it properly also cookies are by no means more secure.

code of conduct - report abuse