[Owasp-board] Tweet from Ar0xA (@Ar0xA)
tobias.gondrom at owasp.org
Wed Apr 22 13:46:54 UTC 2015
Actually, if I may suggest such technical questions might be even better
on the community list.
Just a suggestion.
On 22/04/15 01:51, Jim Manico wrote:
> Yes, if you *really* need to persist sensitive data, sessionStorage is
> MUCH better than localStorage.
> From https://www.owasp.org/index.php/HTML5_Security_Cheat_Sheet
> * Use the object sessionStorage instead of localStorage if
> persistent storage is not needed. sessionStorage object is
> available only to that window/tab until the window is closed
> On 4/21/15 2:21 PM, Noreen Whysel wrote:
>> Anyone care to respond? Until I am a bit more up to speed on AppSec I
>> think I will pass these on to the board list...
>> *Ar0xA (@Ar0xA <https://twitter.com/ar0xa?refsrc=email&s=11>)*
>> 4/21/15, 1:49 AM
>> @owasp <https://twitter.com/owasp> any arguments against/for
>> sensitive data in html5 sessionStorage? w3c says "fine", but arent
>> local atacks an issue? anything else?
>> Download the official Twitter app here
>> Noreen Whysel
>> Community Manager
>> OWASP Foundation
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board