    token storage for web and native mobile

    • T
      tc last edited by

      I am building a desktop/mobile website along with a native app. There is one thing I can’t figure out how to do properly: the auth token storage management.

      In the documentation/tutorials, most of them use LocalStorage to store the token. But it is vulnerable to XSS attacks.

      Also, for a native mobile app, can we use the device storage instead? Like AsyncStorage in React Native. If so, how do we do that in the same codebase?

      Thanks.

      • dobbel
        dobbel @tc last edited by

        @tc said in token storage for web and native mobile:

        xss

        maybe this article will help:
        https://pragmaticwebsecurity.com/articles/oauthoidc/localstorage-xss.html

        • T
          tc @dobbel last edited by

          @dobbel thanks for the article.
          According to the article, it seems there are a lot of things to do to prevent XSS attacks.
          Still not convincing enough.
          For example, from the article's recommendations:

          Go through every line of code to ensure you do not have XSS vulnerabilities.
          

          Even if I can do this, there still might be vulnerabilities in Quasar, or even Vue itself, and I might also overlook vulnerabilities as well.
          All this does not seem practical to do in real life.
