Token information storage

when calling the server interface, you need to pass in the token, returned by the server when logging in. Should there be a client or a server when the token is obtained? will there be security problems if I have a client, such as cookie or localStorage? is there any solution?
the front end is developed with vue, and the back end is developed with java, and the token mechanism of jwt

Aug.11,2021

if the front and rear ends are separated, they are naturally put on the front end. LocalStorage is better than cookie. Users' own token, security problems have little impact. And your token must have expired.


it is recommended to put it in cookie, and set it to httpOnly, otherwise there is no security, and it is easy for third parties to intercept and use


jwt of course.
if there is nothing wrong with using cookie for web projects, you can send requests in httpOnly, browsers directly with them and do not need extra front-end processing
otherwise, use some localStorage


client, and set HttpOnly

to cookie.
MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1b32991-2ab6f.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1b32991-2ab6f.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?