• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

HTML5 Local Storage - Replace Cookies?

James

Well-known member
#1
With HTML5's localStorage API available to use, would it be considered good practice to use this as a method of authenticating logins for users who've saved their passwords? I don't think that localStorage is exploitable as cookies are. I'm just wondering if anyone is using them currently, or plans on using them to replace cookies.
 

Mike

XenForo developer
Staff member
#2
Cookies work for authentication because they are sent to the server (and can be set by the server). Local storage is for access via JS. You could theoretically use it, but it'd really have to be for an app where every "page view" was done/built via JS, as you'd have to pass session/auth details along explicitly. Doesn't seem ideal to me.