HVRDHVRD
ExpressJS

Local Storage

Comprehensive guide to using Local Storage in web applications, including how it works, use cases, methods, best practices, and security considerations.

Local Storage in Web Development

Local Storage is a simple key-value storage mechanism provided by web browsers as part of the Web Storage API. It enables web applications to store data on the client side in a persistent way, surviving page reloads and browser restarts.

How Local Storage Works

  • Data is stored in the browser as simple string key-value pairs.
  • Storage persists indefinitely until explicitly cleared by the application or the user.
  • Each domain has its own separate Local Storage space (origin-based).
  • Storage limits are typically around 5MB per origin, but this can vary by browser.

When to Use Local Storage

✅ Storing non-sensitive user preferences (e.g., theme, language). ✅ Caching small amounts of data to improve performance. ✅ Persisting form data temporarily between sessions.

❌ Never store sensitive information (passwords, tokens, personal data). ❌ Avoid large amounts of data or complex objects.

Key Local Storage Methods

Storing Data

localStorage.setItem('key', 'value');

Example:

localStorage.setItem('theme', 'dark');

Retrieving Data

const value = localStorage.getItem('key');

Example:

const theme = localStorage.getItem('theme'); // Returns 'dark'

Removing Data

localStorage.removeItem('key');

Example:

localStorage.removeItem('theme');

Clearing All Data

localStorage.clear();

Storing Objects

Since localStorage stores only strings, objects must be serialized.

Storing an Object

const user = { username: 'harsha', theme: 'dark' };
localStorage.setItem('user', JSON.stringify(user));

Retrieving an Object

const user = JSON.parse(localStorage.getItem('user'));

Example: Theme Persistence

// Save theme on selection
function setTheme(theme) {
    document.body.className = theme;
    localStorage.setItem('theme', theme);
}

// Apply theme on page load
window.onload = () => {
    const savedTheme = localStorage.getItem('theme');
    if (savedTheme) {
        document.body.className = savedTheme;
    }
};

Advantages of Local Storage

  • Simple API: No async or promises—just synchronous key-value storage.
  • Persistent: Data remains after closing the tab or browser.
  • Widely Supported: Works in all modern browsers.

Limitations and Gotchas

  • Synchronous Access: Can block main thread if used heavily.
  • Limited Space: Typically ~5MB per origin.
  • Security: Data is accessible by any script from the same origin.
  • Not Suitable for Sensitive Data: Avoid storing authentication tokens or personal info.

Security Considerations

⚠️ Do NOT store sensitive data like passwords or auth tokens in Local Storage.

✅ Instead, use cookies with HttpOnly and Secure flags for sensitive data.

🚨 Local Storage is vulnerable to Cross-Site Scripting (XSS) attacks since any injected script can access it.

Best Practices

  • Always validate data retrieved from Local Storage.
  • Use localStorage only for non-sensitive, non-critical application state.
  • Combine with sessionStorage when data should not persist after browser close.
  • Gracefully handle unavailable storage (e.g., private mode restrictions).

JWTs

In-depth guide on implementing JWT-based authentication in ExpressJS, including token vs JWT comparison, JWT creation, verification, secure practices, middleware handling, and a full example site structure.

Databases

In-depth guide covering database concepts, types, SQL vs NoSQL, database operations, and practical usage examples.

On this page

Local Storage in Web DevelopmentHow Local Storage WorksWhen to Use Local StorageKey Local Storage MethodsStoring DataRetrieving DataRemoving DataClearing All DataStoring ObjectsStoring an ObjectRetrieving an ObjectExample: Theme PersistenceAdvantages of Local StorageLimitations and GotchasSecurity ConsiderationsBest Practices