Skip to main content
All CollectionsRule documentationSecurity best practices
Use of Session storage and Local storage
Use of Session storage and Local storage

Keep client-side storage without sensitive data.

Gabriele Gallo Stampino avatar
Written by Gabriele Gallo Stampino
Updated over a week ago


Data placed in the localStorage persists after a session is closed, and thus, any actor with access to the browser will be able to obtain it. Furthermore, data in the localStorage or in the sessionStorage is visible to scripts that are running on the browser, and these scripts could belong to malicious third parties. Therefore, no sensitive or session information should be stored in the client-side storage.


  • LWC

  • Aura

Related resources

Did this answer your question?