Remix.run Logo
mdaniel 7 months ago

> and they're server-readable too now, just indirectly.

Could you point me to more reading about this? It's the first time I've heard of it

graypegg 7 months ago | parent [-]

I think they mean that you can always send back the content of a localstorage property with javascript grabbing the value and sending another request back with it in the body. Since the front end is going to run any javascript the server sends it (disregarding adblockers at least), it's sort of a more indirect version of Set-Cookie.

emn13 7 months ago | parent [-]

Yeah, that's what I meant. There's no built in support; but it's indirectly readable since client-side JS can read it.

j16sdiz 7 months ago | parent [-]

This miss the "HttpOnly" part, which prevents javascript (think script injection vulnerability) from touching this part of the storage