Web storage

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Web storage, sometimes known as DOM storage (Document Object Model storage), provides web application software methods and protocols used for storing data in a web browser. Web storage supports persistent data storage, similar to cookies but with a greatly enhanced capacity[1] and no information stored in the HTTP request header.[2] There are two main web storage types: local storage and session storage, behaving similarly to persistent cookies and session cookies respectively.

All major browsers support Web storage, which is standardized by the World Wide Web Consortium (W3C).[3]


Web storage can be viewed simplistically as an improvement on cookies. However, it differs from cookies in some key ways.


Web storage is intended for storing information client-side (and never transmitted to the server), while cookies are intended for communication with server and automatically added to headers of all requests, if applicable.

Storage size[edit]

Web storage provides far greater storage capacity (5 MB per origin in Mozilla Firefox,[4] and Opera; 10 MB per origin in Google Chrome,[5] 10 MB per storage area in Internet Explorer;[6] 25 MB per origin on BlackBerry 10 devices) compared to 4 kB (around 1000 times less space) available to cookies.

Client-side interface[edit]

Unlike cookies, which can be accessed by both the server and client side, web storage falls exclusively under the purview of client-side scripting.

Web storage data is not automatically transmitted to the server in every HTTP request, and a web server can't directly write to Web storage. However, either of these effects can be achieved with explicit client-side scripts, allowing for fine-tuning of the desired interaction with the server.

Local and session storage[edit]

Web storage offers two different storage areas—local storage and session storage—which differ in scope and lifetime. Data placed in local storage is per origin (the combination of protocol, hostname, and port number as defined in the same-origin policy) (the data is available to all scripts loaded from pages from the same origin that previously stored the data) and persists after the browser is closed. Session storage is per-origin-per-window-or-tab and is limited to the lifetime of the window. Session storage is intended to allow separate instances of the same web application to run in different windows without interfering with each other, a use case that's not well supported by cookies.[7]

Since data is stored per origin (which includes protocol, hostname and port number), WebStorage does not suffer from cookie Weak Integrity and Weak Confidentiality issues, described in RFC 6265 sections 8.5 and 8.6.

Interface and data model[edit]

Web storage currently provides a better programmatic interface than cookies because it exposes an associative array data model where the keys and values are both strings. An additional API for accessing structured data is being considered by the W3C Web Applications Working Group. [8]


Browsers that support web storage have the global variables sessionStorage and localStorage declared at the window level. The following JavaScript code can be used on these browsers to trigger web storage behaviour:


// Store value on browser for duration of the session
sessionStorage.setItem('key', 'value');

// Retrieve value (gets deleted when browser is closed and re-opened) ...


// Store value on the browser beyond the duration of the session
localStorage.setItem('key', 'value');

// Retrieve value (persists even after closing and re-opening the browser)

Data types[edit]

Only strings can be stored via the Storage API.[9] Attempting to store a different data type will result in an automatic conversion into a string in most browsers. Conversion into JSON (JavaScript Object Notation), however, allows for effective storage of JavaScript objects.

// Store an object instead of a string
localStorage.setItem('key', {name: 'value'});
alert(typeof localStorage.getItem('key')); // string

// Store an integer instead of a string
localStorage.setItem('key', 1);
alert(typeof localStorage.getItem('key')); // string

// Store an object using JSON
localStorage.setItem('key', JSON.stringify({name: 'value'}));
alert(JSON.parse(localStorage.getItem('key')).name); // value


The W3C draft is titled "Web Storage". "DOM storage" has also been a commonly used name, though it is becoming less so; for example the "DOM Storage" web articles of the Mozilla and Microsoft developer sites have been replaced with "Web Storage" articles.[10][11][12][13]

The "DOM" in DOM storage does not literally refer to the Document Object Model. According to the W3C, "The term DOM is used to refer to the API set made available to scripts in Web applications, and does not necessarily imply the existence of an actual Document object..."[14]

Web storage management[edit]

Storage of web storage objects is enabled by default in current versions of all supporting web browsers, with browser vendors providing ways for users to natively enable or disable web storage, or clear the web storage "cache".[15]

Similar controls over web storage are also available through 3rd party browser extensions/add-ons.

Mozilla Firefox and Google Chrome physically store web storage objects in sqlite databases, where as Opera and Internet Explorer physically store web storage objects in per-site XML files. [16]

In Firefox, web storage data is stored in the webappsstore.sqlite file in the user's profile folder.[17]

In Chrome, web storage data is stored in the user's profile folder - typically "\AppData\Local\Google\Chrome\User Data\Default\Local Storage" on Windows, and "~/Library/Application Support/Google/Chrome/Default/Local Storage" on OS X.

In Opera, web storage data is stored at either "\AppData\Roaming\Opera\Opera\sessions\autosave.win" or "\AppData\Local\Opera\Opera\pstorage\" depending upon Opera version.[18]

In Internet Explorer, web storage is stored under "\AppData\LocalLow\Microsoft\Internet Explorer\DOMStorage".

See also[edit]


  1. ^ Opera Web Storage, 2011 http://dev.opera.com/articles/view/web-storage/
  2. ^ AndyHume.net, 2011 http://blog.andyhume.net/localstorage-is-not-cookies
  3. ^ Web Storage. W3.org. Retrieved on 2011-06-12.
  4. ^ John Resig: DOM Storage. John Resig, ejohn.org. Retrieved on 2011-06-12.
  5. ^ "Issue 21680002: Up the window.localstorage limit to 10M from 5M. - Code Review". chromiumcodereview.appspot.com.
  6. ^ Introduction to Web Storage. Microsoft Developer Network, msdn.microsoft.com. Retrieved on 2014-08-05.
  7. ^ W3C: Web Storage draft standard. Dev.w3.org (2004-02-05). Retrieved on 2011-06-12.
  8. ^ W3C: Indexed Database API. W3C. Retrieved on 2012-02-12.
  9. ^ W3C, 2011 http://dev.w3.org/html5/webstorage/
  10. ^ "DOM Storage". Mozilla Developer Network. Archived from the original on June 4, 2011. Retrieved 2011-06-12.
  11. ^ "Web Storage API". Mozilla Developer Network. Retrieved June 28, 2017.
  12. ^ "Introduction to DOM Storage". Microsoft Developer Network. Archived from the original on June 8, 2011. Retrieved 2011-06-12.
  13. ^ "Introduction to Web Storage". Microsoft Developer Network. Retrieved June 28, 2017.
  14. ^ W3C: Web Storage draft standard. Dev.w3.org (2004-02-05). Retrieved on 2011-06-12.
  15. ^ "How to enable, disable, or clear your browser's "Web Storage" cache - MIDAS Knowledgebase". mid.as.
  16. ^ "html - How is HTML5 WebStorage data physically stored?". Stack Overflow.
  17. ^ "html5 - Where does Firefox store javascript/HTML localStorage?". Stack Overflow.
  18. ^ "local storage - Where the sessionStorage and localStorage stored?". Stack Overflow.

External links[edit]