loading...

Discussion on: LocalStorage vs Cookies: All You Need To Know About Storing JWT Tokens Securely in The Front-End

Collapse
putrikarunia profile image
Putri Karunia

Hi Jakub, yes they are both available from JavaScript for the duration of a single session. However, it might be easier for the attacker to just dump the contents of the session storage compared to trying to find the variable you used for the token.