My first blog

Cookies vs Local Storage in JavaScript

Diwakar's photo
Diwakar
·

3 min read

Both cookies and localStorage are ways to store data on the client's side, but they have different purposes, use-cases, and characteristics. Here's a comparison of the two:

  1. Lifespan:

    • Cookies: Can have a set expiration date. If not set, they will expire at the end of a session (i.e., when the browser closes).

    • LocalStorage: Does not have an expiration date. Data persists until explicitly deleted.

  2. Capacity:

    • Cookies: Limited to 4KB per cookie.

    • LocalStorage: Typically, browsers allocate around 5-10 MB for localStorage (though the exact amount can vary by browser).

  3. Scope:

    • Cookies: Scoped to domains and paths. Can be sent with every HTTP request to the domain, if the cookie's domain and path match the request.

    • LocalStorage: Only accessible via JavaScript on the same domain. Data stored in localStorage is not sent with HTTP requests.

  4. Performance:

    • Cookies: Since they are sent with every HTTP request to a domain (if they match domain and path), they can potentially slow down web traffic slightly.

    • LocalStorage: Does not impact HTTP traffic, as the data is only stored and accessed client-side.

  5. Server Side:

    • Cookies: Can be read server-side, which is useful for authentication tokens and other server-side tasks.

    • LocalStorage: Cannot be read server-side.

  6. Data Type:

    • Cookies: Only stores strings.

    • LocalStorage: Though it inherently stores everything as a string, objects can be stored as well using JSON.stringify() when saving and JSON.parse() when retrieving.

  7. Security:

    • Cookies: Can be secure (if set with the Secure flag) and only transmitted over HTTPS. Also can be flagged HttpOnly, which means they cannot be accessed via JavaScript, providing some protection against cross-site scripting (XSS) attacks.

    • LocalStorage: Vulnerable to cross-site scripting (XSS) attacks. If an attacker can run JavaScript on a website, they can access and modify localStorage.

  8. Use Cases:

    • Cookies: Typically used for sessions, user identification, and tracking.

    • LocalStorage: Great for storing larger amounts of non-sensitive data on the client side, like user settings, cached data, or offline app data.

  9. Ease of Use:

    • Cookies: A bit more cumbersome to work with in JavaScript without libraries.

    • LocalStorage: Has a very straightforward API (e.g., localStorage.setItem('key', 'value') and localStorage.getItem('key')).

  10. Other Storage Options:

    • Beyond cookies and localStorage, modern browsers also offer sessionStorage (similar to localStorage but expires with the session) and IndexedDB (a more complex client-side database system).

In conclusion, while both cookies and localStorage offer client-side data storage, their use-cases, characteristics, and technical details vary greatly. The choice between them largely depends on the specific requirements of your web application.

Thank you for reading. I encourage you to follow me on Twitter where I regularly share content about JavaScript and React, as well as contribute to open-source projects and learning golang. I am currently seeking a remote job or internship.

Twitter: https://twitter.com/Diwakar_766

GitHub: https://github.com/DIWAKARKASHYAP

Portfolio: https://diwakar-portfolio.vercel.app/

cookieslocalstorageJavaScriptProgramming Tipsdiwakar kashyap