DEV Community

loading...

Discussion on: Storing tokens in single-page applications

Collapse
boussou profile image
Nadir Boussoukaia • Edited

"JavaScript cookies, similarly to localStorage, can be read by other JavaScript code." => that is wrong. You have to use cookies.

I suppose you call "HTTP cookies" cookies that are generated by the server: right. With the secure flag.

Collapse
bjornlindholmdk profile image
Bjørn Lindholm Author

Yeah that what was I was trying to explain. JavaScript cookies in this case are cookies set by document.cookie while HTTP cookies are cookies set by the server. Sorry for confusion!