Vaishnavi Baliga
Vaishnavi Baliga

Vaishnavi Baliga

Cookies, Local Storage and Session Storage

Cookies, Local Storage and Session Storage

Vaishnavi Baliga's photo
Vaishnavi Baliga
·Nov 4, 2019·

min read


An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user’s browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past).

Local Storage & Session Storage

Web storage offers two different storage areas—local storage and session storage which differ in scope and lifetime. Data placed in local storage is per origin (the data is available to all scripts loaded from pages from the same origin that previously stored the data) and persists after the browser is closed.

Session storage is per-origin-per-window-or-tab and is limited to the lifetime of the window. Session storage is intended to allow separate instances of the same web application to run in different windows without interfering with each other, a use case that’s not well supported by cookies.

  • There are basically 2 types of of cookies: Persistent and session cookies.
  • Files that are kept on users computer by a website.
  • It stores data to be sent back to the server with a request.
  • It has both client and server side.
  • Storage capacity of less than 4Kb.
  • An expiry date can be set for clearing data.
  • Can store only string values.

Local Storage

  • This is a type of persistent cookie type as the data will stay unless the user has to manually cleared it by using JS.
  • Can store object and strings.
  • It has the maximum storage among the 3 (Compared to cookie and session storage).
  • Capacity of 10Mb (5Mb – 10Mb).
  • It is client side.
  • Vulnerable to XSS attacks.

Session Storage

  • Stores data till the tab or browser is closed.
  • It is client side.
  • Has the same capacity as that of local storage and larger than cookies. (Atleast 5Mb)


Share this