0

I am developing mobile app using jQuery mobile and phonegap. In that I have developed user login functionality and maintained loged in user id in localstorage, So I can relate user activities.

My application is working correctly, But I am worried about external modifications in localstorage. Can it be possible to modify localstorage values outside application.

Code In app : localStorage.setItem("userid", 60);

Can user modify it manually Or it is safe to use?

mujaffars
  • 1,327
  • 12
  • 33
  • Ya, as it is client side, user can change it to any value. But that's quite off topic because anyway any sensible data shouldn't be provided client side without any check server side – A. Wolff Apr 02 '14 at 11:43

2 Answers2

2

If it is any kind of secured data, then it is safe to use Shared Preference in android.

SharedPreferences settings = PreferenceManager.getDefaultSharedPreferences(getApplicationContext());
SharedPreferences.Editor editor = settings.edit();
editor.putString("KEY","VALUE");
editor.commit();

You can access it by plugin.

Similar question is asked here go through it - How to store a json data securely in phonegap android?

Community
  • 1
  • 1
manukv
  • 2,035
  • 17
  • 30
0

The localStorage saves it's key/value pairs per domain (Same-origin-policy). Since a phonegap app will get its own "domain" you do not need to be worried about other apps modifying your variables.

Also see this question right here: In HTML5, is the localStorage object isolated per page/domain?

Nevertheless, I would recommend to not save any sensible data on the client side, it would be better to do this on the server.

Community
  • 1
  • 1
Pat
  • 167
  • 1
  • 3
  • 15