Web storage, formerly known asDOM storage (Document Object Model storage), is a standardJavaScript API provided byweb browsers. It enableswebsites to storepersistent data on users' devices similar tocookies, but with much larger capacity^[1] and no information sent inHTTP headers.^[2] There are two main web storage types: local storage and session storage, behaving similarly topersistent cookies andsession cookies respectively. Web Storage is standardized by theWorld Wide Web Consortium (W3C)^[3] andWHATWG,^[4] and is supported by all major browsers.

Web storage differs from cookies in some key ways.

Cookies are intended for communication with servers; they are automatically added to all requests and can be accessed by both the server and client-side. Web storage falls exclusively under the purview ofclient-side scripting. Web storage data is not automatically transmitted to the server in every HTTP request, and a web server can't directly write to Web storage. However, either of these effects can be achieved with explicit client-side scripts, allowing for fine-tuning the server's desired interaction.

Cookies are restricted to 4 kilobytes. Web storage provides far greater storage capacity:

• Opera 10.50+ allows 5 MB^[1]
• Safari 8 allows 5 MB^[5]
• Firefox 34 allows 10 MB^[5] (formerly 5 MB perorigin in 2007^[6])
• Google Chrome allows 10 MB per origin (formerly 5 MB per origin)^[7]
• Internet Explorer allows 10 MB per storage area^[8]

Web storage offers two different storage areas—local storage and session storage—which differ in scope and lifetime. Data placed in local storage is per origin—the combination of protocol, host name, and port number as defined in thesame-origin policy. The data is available to all scripts loaded from pages from the same origin that previously stored the data and persists after the browser is closed. As such, Web storage does not suffer from cookie Weak Integrity and Weak Confidentiality issues, described inRFC 6265 sections 8.5 and 8.6. Session storage is both per-origin and per-instance (per-window or per-tab) and is limited to the lifetime of the instance. Session storage is intended to allow separate instances of the same web app to run in different windows without interfering with each other, a use case that's not well supported by cookies.^[9]

Web storage provides a better programmatic interface than cookies because it exposes anassociative arraydata model where the keys and values are bothstrings.

Browsers that support web storage have the global objectssessionStorage andlocalStorage declared at the window level. The followingJavaScript code can be used on these browsers to trigger web storage behavior:

// Store value on browser for duration of the sessionsessionStorage.setItem('key','value');// Retrieve value (gets deleted when browser is closed and re-opened) ...alert(sessionStorage.getItem('key'));// Store value on the browser beyond the duration of the sessionlocalStorage.setItem('key','value');// Retrieve value (persists even after closing and re-opening the browser)alert(localStorage.getItem('key'));

Only strings can be stored via the Storage API.^[10] Attempting to store a different data type will result in an automatic conversion into a string in most browsers. Conversion intoJSON, however, allows for effective storage of JavaScript objects.

// Store an object instead of a stringlocalStorage.setItem('key',{name:'value'});alert(typeoflocalStorage.getItem('key'));// string// Store an integer instead of a stringlocalStorage.setItem('key',1);alert(typeoflocalStorage.getItem('key'));// string// Store an object using JSONlocalStorage.setItem('key',JSON.stringify({name:'value'}));alert(JSON.parse(localStorage.getItem('key')).name);// value

The W3C draft is titled "Web Storage". "DOM storage" has also been a commonly used name, though it is becoming less so; for example the "DOM Storage" web articles of the Mozilla and Microsoft developer sites have been replaced with "Web Storage" articles.^{[11][12][13][14]}

The "DOM" in DOM storage does not literally refer to theDocument Object Model. According to the W3C, "The term DOM is used to refer to the API set made available to scripts in Web applications, and does not necessarily imply the existence of an actual Document object..."^[15]

Storage of web storage objects is enabled by default in current versions of all supporting web browsers, with browser vendors providing ways for users natively to enable or disable web storage, or clear the web storage "cache". Similar controls over web storage are also available through 3rd partybrowser extensions. Each browser stores Web storage objects differently:

• Firefox saves Web storage objects in aSQLite file calledwebappsstore.sqlite in the user's profile folder.^[16]
• Google Chrome records Web storage data in aSQLite file in the user's profile. The subfolder containing this file is "\AppData\Local\Google\Chrome\User Data\Default\Local Storage" onWindows, and "~/Library/Application Support/Google/Chrome/Default/Local Storage" onmacOS.
• Opera's Web storage is located in either "\AppData\Roaming\Opera\Opera\sessions\autosave.win" or "\AppData\Local\Opera\Opera\pstorage\" depending upon Opera's version.
• Internet Explorer's Web storage is "\AppData\LocalLow\Microsoft\Internet Explorer\DOMStorage".
• Safari's Web Storage is located in a folder labeled "LocalStorage" within a hidden "safari" folder.^[17]

• Indexed Database API

• HTML Living Standard 11 Web storage
• W3C: Web Storage
• Web Storage API on Mozilla Developer Network
• Opera: Web Storage: easier, more powerful client-side data storage
• Local Storage on BlackBerry DevZone

• World Wide Web Consortium standards
• HTML5
• Internet privacy

• Articles with short description
• Short description matches Wikidata