$window.sessionStorage vs $cookieStore

Question

What is the difference between using $cookieStore and &window.sessionStorage? Are there times when one should be used over the other? Security Issues?

Here is

Answer 1

$cookieStore using session cookies means that data is persisted as cookies that are scoped to the session, i.e. not persistent. A cookie is scoped to the particular domain it is registered on, but may be shared between subdomains. The big deal about the cookie store is that those cookie values will be sent to the server for any requests to that domain. It would be shared between windows and tabs in the same session on the same domain.

$window.sessionStorage just accesses the window.sessionStorage, which really has nothing to do with Angular. Accessing it through $window just gives you the ability to test more easily using a mocked version of $window. Session storage is scoped to the current window, so unlike cookies, if you open a new tab to the exact same URL it will be a new sessionStorage object. There is also more room for storage than cookies. A cookie is limited to 4K, sessionStorage can differ per browser but is usually around 5MB.

There's also window.localStorage (or $window.localStorage) which is basically the same as sessionStorage, except it is scoped by domain (two tabs can share the same data - there's even a storage event so you can find out when another tab changes it) and persists when you close your browser.