- -
In advanced front-end development, choosing a storage solution is vital for security and performance.
In this session, we will analyze the various storage options available to front-end developers. We’ll dive into the security implications and configuration options for each storage type, highlighting risks such as Cross-Site Scripting (XSS) vulnerabilities, exposure through misconfigured CORS policies, data persistence issues, Browser Extensions, and local LLM issues that can lead to unauthorized access of sensitive information.
The discussion will cover practical scenarios, demonstrating how to mitigate risks like insecure cookie configurations (e.g., missing HttpOnly or Secure flags), browser extension interference, and flaws in the Same-Origin Policy that can expose data across subdomains. We will also address maintaining data expiry and consistency and managing performance trade-offs while maintaining a robust security practice.
By the end of the session, you will clearly understand when and why to use each storage option and the critical security considerations that come with them, empowering you to make informed decisions for your front-end projects.
Hila Kraisler is a Principal Software Engineer and Front-End Tech Lead at CyberArk.
She has over a decade of experience in front-end development and is passionate about mentoring and knowledge sharing.
She writes technical blog posts and actively supports women in tech. Hila is the co-founder and co-leader of CyberArk's technical women community, which fosters growth and collaboration among female professionals.