Y
Hacker News
new
|
ask
|
show
|
jobs
by
jcampbell1
2526 days ago
The trend of storing auth tokens in localStorage rather than httpOnly cookies is a problematic trend due to vulnerabilities like this. If you can exfiltrate an authtoken then one gets long lived access to the system.