Web storage, sometimes known as DOM storage (Document Object Model storage), provides web application software methods and protocols used for storing data in a web browser. Web storage supports persistent data storage, similar to cookies but with a greatly enhanced capacity[1] and no information stored in the HTTP request header.[2] There are two main web storage types: local storage and session storage, behaving similarly to persistent cookies and session cookies respectively.

Web storage is being standardized by the World Wide Web Consortium (W3C). It was originally part of the HTML5 specification, but is now in a separate specification.[3] It is supported by Internet Explorer 8, Mozilla-based browsers (e.g., Firefox 2+, officially from 3.5),[4] Safari 4, Google Chrome 4 (session storage is from 5), and Opera 10.50. As of 14 March 2011 Opera and IE9 support the storage events.[5]


Web storage can be viewed simplistically as an improvement on cookies. However, it differs from cookies in some key ways.

Storage size

Web storage provides far greater storage capacity (5 MB per origin in Mozilla Firefox,[6] and Opera; 10MB per origin in Google Chrome,[7] 10 MB per storage area in Internet Explorer;[8] 25MB per origin on BlackBerry 10 devices) compared to 4 kB (around 1000 times less space) available to cookies.

Client-side interface

Unlike cookies, which can be accessed by both the server and client side, web storage falls exclusively under the purview of client-side scripting.

Web storage data is not automatically transmitted to the server in every HTTP request, and a web server can't directly write to Web storage. However, either of these effects can be achieved with explicit client-side scripts, allowing for fine-tuning of the desired interaction with the server.

Local and session storage

Web storage offers two different storage areas—local storage and session storage—which differ in scope and lifetime. Data placed in local storage is per origin (the combination of protocol, hostname, and port number as defined in the same-origin policy) (the data is available to all scripts loaded from pages from the same origin that previously stored the data) and persists after the browser is closed. Session storage is per-origin-per-window-or-tab and is limited to the lifetime of the window. Session storage is intended to allow separate instances of the same web application to run in different windows without interfering with each other, a use case that's not well supported by cookies.[9]

Interface and data model

Web storage currently provides a better programmatic interface than cookies because it exposes an associative array data model where the keys and values are both strings. An additional API for accessing structured data is being considered by the W3C Web Applications Working Group. [10]


Browsers that support web storage have the global variables sessionStorage and localStorage declared at the window level. The following JavaScript code can be used on these browsers to trigger web storage behaviour:


// Store value on browser for duration of the session
sessionStorage.setItem('key', 'value');

// Retrieve value (gets deleted when browser is closed and re-opened) ...


// Store value on the browser beyond the duration of the session
localStorage.setItem('key', 'value');

// Retrieve value (persists even after closing and re-opening the browser)

Accessing data for the currently browsed domain

The following code can be used to retrieve all values stored in local storage for the currently browsed domain (the domain for the web page that is being browsed).

This JavaScript code can be executed using development tools available in most modern browsers such as the IE Developer Toolbar, Chrome Developer Tools, the Firebug extension in Firefox, or Opera Dragonfly:

var output = "LOCALSTORAGE DATA:\n------------------------------------\n";
if (localStorage) {
    if (localStorage.length) {
       for (var i = 0; i < localStorage.length; i++) {
           output += localStorage.key(i) + ': ' + localStorage.getItem(localStorage.key(i)) + '\n';
    } else {
       output += 'There is no data stored for this domain.';
} else {
    output += 'Your browser does not support local storage.';

Data types

Only strings can be stored via the Storage API.[11] Attempting to store a different data type will result in an automatic conversion into a string in most browsers. Conversion into JSON (JavaScript Object Notation), however, allows for effective storage of JavaScript objects.

// Store an object instead of a string
localStorage.setItem('key', {name: 'value'});
alert(typeof localStorage.getItem('key')); // string

// Store an integer instead of a string
localStorage.setItem('key', 1);
alert(typeof localStorage.getItem('key')); // string

// Store an object using JSON
localStorage.setItem('key', JSON.stringify({name: 'value'}));
alert(JSON.parse(localStorage.getItem('key')).name); // value


The W3C draft is titled "Web Storage". "DOM storage" has also been a commonly used name, though it is becoming less so; for example the "DOM Storage" web articles of the Mozilla and Microsoft developer sites have been replaced with "Web Storage" articles.[12][13][14][15]

The "DOM" in DOM storage does not literally refer to the Document Object Model. According to the W3C, "The term DOM is used to refer to the API set made available to scripts in Web applications, and does not necessarily imply the existence of an actual Document object..."[16]

Web storage management

Storage of web storage objects is enabled by default in Mozilla Firefox and SeaMonkey, but can be disabled by setting the "about:config" parameter "dom.storage.enabled" to false.[17]

Mozilla Firefox stores all web storage objects in a single file named webappsstore.sqlite. The sqlite3 command can be used to show the elements stored therein.[18]

There are browser extensions/add-ons for Google Chrome and Mozilla Firefox available that let the user deal with web storage, such as "Click&Clean"[19][20] and "BetterPrivacy" which can be configured to remove the whole web storage automatically on a regular basis.[21][22][23]. Mozilla is currently transitioning[24] from its old framework to WebExtensions during which time the Better Privacy add-on has been removed. See this up-to-date Firefox security settings guide for recommended alternatives.

See also


  1. ^ Opera Web Storage, 2011 http://dev.opera.com/articles/view/web-storage/
  2. ^ AndyHume.net, 2011 http://blog.andyhume.net/localstorage-is-not-cookies
  3. ^ Web Storage. W3.org. Retrieved on 2011-06-12.
  4. ^ Mozilla Developer Center: DOM Storage. Developer.mozilla.org. Retrieved on 2011-06-12.
  5. ^ [1]. HTML5 Web Storage in Essence (2011-02-28). Retrieved on 2012-03-30.
  6. ^ John Resig: DOM Storage. John Resig, ejohn.org. Retrieved on 2011-06-12.
  7. ^ https://chromiumcodereview.appspot.com/21680002
  8. ^ Introduction to Web Storage. Microsoft Developer Network, msdn.microsoft.com. Retrieved on 2014-08-05.
  9. ^ W3C: Web Storage draft standard. Dev.w3.org (2004-02-05). Retrieved on 2011-06-12.
  10. ^ W3C: Indexed Database API. W3C. Retrieved on 2012-02-12.
  11. ^ W3C, 2011 http://dev.w3.org/html5/webstorage/
  12. ^ "DOM Storage". Mozilla Developer Network. Archived from the original on June 4, 2011. Retrieved 2011-06-12. 
  13. ^ "Web Storage API". Mozilla Developer Network. Retrieved June 28, 2017. 
  14. ^ "Introduction to DOM Storage". Microsoft Developer Network. Archived from the original on June 8, 2011. Retrieved 2011-06-12. 
  15. ^ "Introduction to Web Storage". Microsoft Developer Network. Retrieved June 28, 2017. 
  16. ^ W3C: Web Storage draft standard. Dev.w3.org (2004-02-05). Retrieved on 2011-06-12.
  17. ^ Mozillazine article on disabling Web Storage Objects in about:config. Kb.mozillazine.org. Retrieved on 2011-06-12.
  18. ^ Firefox’s Super Cookies, Cerias, January 16, 2008
  19. ^ "Click&Clean" extension for Google Chrome. Hotcleaner.com (2011-06-01). Retrieved on 2011-06-12.
  20. ^ "Click&Clean add-on for Mozilla Firefox. Addons.mozilla.org. Retrieved on 2011-06-12.
  21. ^ Mozilla add-ons page for "Better Privacy". Addons.mozilla.org. Retrieved on 2011-06-12.
  22. ^ Replacements for Better Privacy and other useful Firefox tools.. Netticat.ath.cx. Retrieved on 2011-06-12.
  23. ^ Google Chrome Browser Client-Side Storage. Hotcleaner.com. Retrieved on 2011-06-12.
  24. ^ "Firefox add-on technology is modernizing Firefox Help". support.mozilla.org. Retrieved 2017-11-08. 

External links