Should JWT be stored in localStorage or cookie? [duplicate]

I like the XSRF Double Submit Cookies method which is mentioned in the article that @pkid169 said, but there is one thing that article doesn’t tell you. You are still not protected against XSS because what the attacker can do is inject script that reads your CSRF cookie (which is not HttpOnly) and then make a …

How to find the size of localStorage

Execute this snippet in the JavaScript console (one line version):

var _lsTotal=0,_xLen,_x;for(_x in localStorage){ if(!localStorage.hasOwnProperty(_x)){continue;} _xLen= ((localStorage[_x].length + _x.length)* 2);_lsTotal+=_xLen; console.log(_x.substr(0,50)+" = "+ (_xLen/1024).toFixed(2)+" KB")};console.log("Total = " + (_lsTotal / 1024).toFixed(2) + " KB");

The same code in multiple lines for reading sake:

var _lsTotal = 0, _xLen, _x; for (_x in localStorage) { if (!localStorage.hasOwnProperty(_x)) …

When is localStorage cleared?

localStorage is also known as Web Storage, HTML5 Storage, and DOM Storage (these all mean the same thing). localStorage is similar to sessionStorage, except that data stored in localStorage has no expiration time, while data stored in sessionStorage gets cleared when the browsing session ends (i.e. when the browser / browser tab is closed). Session …

Chrome extension: accessing localStorage in content script

Update 2016: Google Chrome released the storage API: https://developer.chrome.com/docs/extensions/reference/storage/

It is pretty easy to use like the other Chrome APIs and you can use it from any page context within Chrome.

// Save it using the Chrome extension storage API.
chrome.storage.sync.set({'foo': 'hello', 'bar': 'hi'}, function() {
  console.log('Settings saved');
});
// Read it using the storage …

How to save an image to localStorage and display it on the next page?

To whoever also needs this problem solved: Firstly, I grab my image with getElementById, and save the image as a Base64. Then I save the Base64 string as my localStorage value.

bannerImage = document.getElementById('bannerImg');
imgData = getBase64Image(bannerImage);
localStorage.setItem("imgData", imgData);

Here is the function that converts the image to a Base64 string:

function getBase64Image(img) { var …

Can local storage ever be considered secure? [closed]

WebCrypto

The concerns with cryptography in client-side (browser) JavaScript are detailed below. All but one of these concerns do not apply to the WebCrypto API, which is now reasonably well supported. For an offline app, you must still design and implement a secure keystore. Aside: If you are using Node.js, use the builtin crypto API. …
