Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Deleting localStorage data

Tags:

html

local-storage

What vulnerabilities do i face, when coding a web app utilising localStorage, of a user inadvertently or deliberately delete localStorage data?

I'm happy to put a button saying "Delete my data", this is under my control, but are there ways beyond my control that localStorage data may be deleted? Or not used (ie. Incognito mode/private browsing mode)?

Thanks

like image 535
benhowdle89 Avatar asked Aug 18 '11 14:08

benhowdle89

People also ask

Can I delete local storage files?

Open the Google Chrome Console by pressing F12 key. Select “Application” in the console's top menu. Select “Local Storage” in the console's left menu. Right click your site(s) and click clear to delete the local storage.

How do I delete all items from localStorage?

Storage clear() Method The clear() method removes all the Storage Object item for this domain. The clear() method belongs to the Storage Object, which can be either a localStorage object or a sessionStorrage object.

How do I clear localStorage after some time?

If you're familiar with the browsers localStorage object, you know that there's no provision for providing an expiry time. However, we can use Javascript to add a TTL (Time to live) to invalidate items in localStorage after a certain period of time elapses.

How long does data stay in local storage?

localStorage is similar to sessionStorage , except that while localStorage data has no expiration time, sessionStorage data gets cleared when the page session ends — that is, when the page is closed.

3 Answers

Anyone can call localStorage.clear() from the console or location bar at any time. It's possible for a bookmarklet to be used to do the same thing.

Treat localStorage with the same volatility you'd treat a cookie. Assume that it can disappear at any time. It's best used for user-settings and temporary data. If a user clears it, be prepared to use default fall-backs or start the process over.

like image 114
zzzzBov Avatar answered Oct 22 '22 12:10

zzzzBov

localStorage is editable by the user , it's similar to the cookies .

User can delete / edit it if he wants , so you should make ur tests on server sides ...

here's an example of how angry birds got hacked ...

http://thenextweb.com/apps/2011/05/11/angry-birds-for-chrome-already-hacked-unlocking-all-levels/

     var i = 0; 
     while (i<=69) { 
       localStorage.setItem('level_star_'+i,'3'); 
       i++; 
      }
     window.location.reload();
like image 40
Tarek Avatar answered Oct 22 '22 11:10

Tarek

Here's what we found a user can do on iPhone IOS4 and iPad IOS4.

Kill Safari Double tap your "action button", press and hold the safari button that shows up on the bottom. When the circle with an x in the middle shows up, click the x.

Clear the Safari cache Settings | Safari | Clear cache

Start Safari back up

Bad news - all sites local storage is cleared, not just yours!

like image 32
user1011562 Avatar answered Oct 22 '22 12:10

user1011562
Sign in to Comment

Related questions

Live reload/refresh solution for HTML/CSS in 2017 [closed]
Using different D3 versions on same html page
How to make a delete request with Laravel
Getting Error on Bootstrap 4 : "Uncaught Error: Tooltip is transitioning"
setAttribute makes the attribute name lowercase
Javascript / React window.onerror fired twice
Why do elements created under a `new Document` contain the wrong prototype?
How can I make multi-line, vertically and horizontally aligned labels for radio buttons in HTML Forms with CSS?
How to disable default scroll bar for textareas in IE8?
Using <span> to add a direction (dir = "rtl")
32x32 icons for rich text editor?
php: replacing double <br /> with </p><p>
Why is this CSS nowrap not working?
What values can the HTML5 aria-label attribute have?
JSF display HTML comment
changing margin value using jQuery
HTML5 App Anti-Piracy techniques? [closed]
Pass information to a canvas element that will be returned when it is clicked
get the tag name of object returned by getElementsByName
CSS limit depth styles can be applied to elements

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!