Make localStorage Data read-Only

依然范特西╮ 提交于 2019-12-08 10:02:25

问题


I am working on AngularJs application .

I store data in localStorage as

localStorageService.set("selectedUserCategory",'Circle');

Now When I see Browser's localStorage data

-- Application
---- LocalStorage

I find my key-value as

selectedUserCategory : 'Circle'

But this data is editable . i.e

If I edit data from Circle to Ci through browser itself it gets saved as Ci, and this might prove harmful because anyone can change data from there .
So I thought of making it read-only . Is there any way of doing it ?

Also is there any way to secure my localStorage data ?
Since the data is easily readable should I encrypt it and then save ??


回答1:


As said by @Carcigenicate nothing is secure once it's on browser. One more step you can do is to store encrypted data in local storage. So it will be difficult for normal user to edit. And if he edits it will not decrypt and thus you can invalid following tasks.

To prevent further, you can Obfuscate/minify your javascript files so it's difficult for ordinary user to reach to your encryption algorithm.

Or if possible encrypt values from server, and using public key, only decryption logic will be on front end side. So even if user gets your data (AND public key even), he won't be able to encrypt it (without your private key) thus it makes impossible for him to alter data.

JSON web token uses this principle, visit https://jwt.io/



来源:https://stackoverflow.com/questions/52820693/make-localstorage-data-read-only

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!