About
client side data in the browser
Data Store
Browser Native
- WebStorage - name/value pairs - Method of storing data locally like cookies, but for larger amounts of data (sessionStorage and localStorage, used to fall under HTML5).
- WebSql (nor more supported)
Library
In-browser databases that wrap browser storage capabilities:
- PouchDB (can sync with CouchDb database)
Format
Security
Secure or sensitive data should not be stored persistently in browser data stores as they should be treated as insecure storage.
Because the Web Storage mechanisms are APIs, they can be accessed from injected scripts, making it less secure than cookies with the httponly flag applied.