Gregory's Server@mahryekuh it looks so me like that's only a problem if you have an XSS hole allowing attackers to execute malicious JavaScript, in which case localstorage leaks are the least of your problems!
|
2 comments
 @johnstonphilip @mahryekuh I guess you could encrypt it with a public key in the JavaScript and have a private key server-side that is only available when the user is signed into their account |
@simon @mahryekuh localStorage can affect someone who is using a public computer, like at a library. The next person to use the machine will have their form data available.