A couple of days ago, Nicholas Zakas wrote an article about secure client-side storage. I think the scenario he mentioned (working from a cyber cafe) is not unsafe by nature, and could be handled well by an application. Nonetheless, client-side storage such as localStorage is still subject to DNS spoofing attacks (which is
Monthly Archives: April 2010
Don’t use Cookies
– or: How to persist data in the 21st century. The common way to persist data on the client side – application state, offline data, whatever – is still to use cookies. But times have changed, and so have browsers, and there are better ways to do it today. But why are cookies that bad?