cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shazron Abdullah (JIRA)" <>
Subject [jira] [Commented] (CB-11032) Prevent LocalStorage from being read by other servers/domains
Date Wed, 01 Mar 2017 20:06:45 GMT


Shazron Abdullah commented on CB-11032:

Thanks for clarifying :)

> Prevent LocalStorage from being read by other servers/domains
> -------------------------------------------------------------
>                 Key: CB-11032
>                 URL:
>             Project: Apache Cordova
>          Issue Type: Wish
>          Components: Android, iOS
>            Reporter: Jan Visser
> I have created a Cordova app so that customers can connect to their intranet or internet
server and see dashboards they created there. Their password is remembered using a token that
is refreshed with a new token on every login and stored in LocalStorage. LocalStorage is scoped
to the origin. The origin of a Cordova app is file:/// or cordova:/// Every server I can connect
to can potentially read the tokens in the LocalStorage.
> My question: How can I prevent this? Anyone with an idea how to fix this? Or are there
any better ways to avoid this problem?
> I'm willing to put time and effort into this issue to create a solution myself if necessary
but first I would like to discuss what the best way to implement this in Cordova should be.
A new plugin? Or maybe add functionality to an existing part of Cordova?

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message