Local Storage Blocks

These are some blocks I made that interface with the javascript localStorage API allowing to store data persistently even after refreshing, something variables don't have the capability of.

save [] with value [] :: sensing

(value of [] :: sensing)

delete value [] :: sensing

clear storage :: sensing

Anyways you can try these blocks here, and don't forget to enable JavaScript extensions

Do these store in a different place to the library database blocks?

that's implemented using procedures, this one uses direct JS functions

What's the difference between procedures and direct JS functions?

The procedures store the data in the same place, localStorage, but in -snap-project-[key].
The direct JS functions allow you to modify all what Snap! has stored, which I don't recommend.

I would be easy to imagine someone using the http(s) or MQTT libraries and the JS functions to steal passwordssession tokens!

It wouldn't be your password, it would be a session token. I also never thought of this before... This is why you have to enable javascript, you're supposed to read the code to decide if it's safe or not.

I don't think Snap! stores passwords in local storage. I looked through each key that Snap! initialized, even the internal ones, and I couldn't find my password anywhere, even through Base-64. So I think we may be safe.

The session token (which is not your password), is usually stored in browser cookies.

Correct me if im wrong, but I believe tokens are stored in cookies, and the cookie is set to http only, which means javascript cant access it, and it can only be retrieved by the server when the client bundles the cookies with the rest of the web request.

Huh, I didn't know about http only cookies before now, guess that's something I learned today.