Can you store a JOSE token in localStorage?

Asked Sep 06 '22 at 18:11

Active Sep 06 '22 at 18:11

Viewed 26 times

I was reading about JWTs and how you shouldn't store them in localStorage - its insecure.

But if it is encrypted with a server's private key, with the JOSE standard, can I store it in localStorage? Is that secure from XSS and other attacks that might threaten my app?

asked Sep 06 '22 at 18:11

SamTheProgrammer

1,051
1
10
28

1

yes, unless the token is encrypted – man.in.the.jukebox Sep 06 '22 at 18:21
1

Local Storage offers isolation per the Same Origin Policy, meaning that one origin cannot access the Local Storage of another Origin – IT goldman Sep 06 '22 at 21:23

Can you store a JOSE token in localStorage?

0 Answers0