Should I encrypt before writing to local storage?

simsalabim / sisyphus

Gmail-like client-side drafts and bit more. Plugin developed to save html forms data to LocalStorage to restore them after browser crashes, tabs closings and other disasters.

http://sisyphus-js.herokuapp.com

MIT License

1.99k stars 221 forks source link

Should I encrypt before writing to local storage? #156

Open MikeSteigerwald opened 6 years ago

MikeSteigerwald commented 6 years ago

I've been asked to study any security concerns regarding local storage. Can that data get hacked? Should I encrypt before saving?

drawcard commented 4 years ago

I know this question is 2 years old ... but for anyone else curious about this topic:

https://dev.to/rdegges/please-stop-using-local-storage-1i04

Recommend reading the comment section as well. The jury is out on the topic - since if you can access LocalStorage via XSS exploit, you have bigger problems than just LocalStorage access.