← Back to Blog
5 min read Avinash Jha

Storage Options in Browser

Discover the different storage options available in the browser and their use cases.

tutorials browser storage programming javascript web development local storage session storage cookies indexeddb cache api

Modern web applications often need to persist data on the client side to improve performance, enable offline capabilities, or maintain user state across sessions. But with several options available in the browser, choosing the right one can be confusing.

In this article, we'll explore the different storage options available in modern browsers, their use cases, pros and cons, and when to use which.

1. Local Storage

Local Storage is perhaps the most well-known client-side storage mechanism. It allows you to store key-value pairs in a web browser with no expiration date. The data persists even after the browser window is closed.

Key Features

  • Capacity: Typically around 5MB–10MB per origin.
  • Persistence: Indefinite (until explicitly cleared by the user or code).
  • Data Type: Strings only (you must serialize objects).
  • Access: Synchronous (blocking the main thread).

Performance Note: Because Local Storage is synchronous, heavy reads/writes can block the main thread and cause UI lags. Avoid storing large payloads or frequently updated data in performance-sensitive applications.

Code Example

// Storing data
const userSettings = {
  theme: "dark",
  notifications: true,
};
localStorage.setItem("settings", JSON.stringify(userSettings));

// Retrieving data
const storedSettings = localStorage.getItem("settings");
if (storedSettings) {
  const settings = JSON.parse(storedSettings);
  console.log(settings.theme); // 'dark'
}

// Removing data
localStorage.removeItem("settings");

// Clear all
localStorage.clear();

When to Use

  • User Preferences: Storing themes (light/dark mode), layout configurations, or default settings.
  • Shopping Carts: Preserving cart items for unauthenticated users.
  • Form Data: Saving partially filled forms (autosave).

Local Storage is not suitable for large datasets, complex queries, or sensitive information.

Pros & Cons

Pros Cons
Simple API Synchronous (can block the main thread)
Widely supported Limited to strings
Persistent Vulnerable to XSS (don’t store sensitive data!)

2. Session Storage

Session Storage is very similar to Local Storage in terms of API, but with a crucial difference: validity. Data stored in Session Storage is cleared when the page session ends (i.e., when the tab or window is closed).

Key Features

  • Capacity: Typically around 5MB.
  • Persistence: Cleared when the tab/window is closed.
  • Data Type: Strings only.
  • Scope: Per tab (each tab has its own session).

Code Example

// Storing data
sessionStorage.setItem("tempId", "12345");

// Retrieving data
const id = sessionStorage.getItem("tempId");

// Removing data
sessionStorage.removeItem("tempId");

When to Use

  • Multi-step Forms: Passing data between steps without permanent persistence.
  • One-time Notifications: Showing a message only once per session.
  • Temporary UI State: Scroll position, open modals, or tab-specific state.

Pros & Cons

Pros Cons
Per-tab isolation Data lost on tab close
Simple API Synchronous
Automatic cleanup Limited to strings

3. Cookies

Cookies are the oldest form of client-side storage. Unlike other storage options, cookies are primarily designed for server-side access and are automatically sent with every HTTP request.

Key Features

  • Capacity: ~4KB per cookie.
  • Persistence: Configurable (session-based or with expiration).
  • Data Type: Strings.
  • Scope: Sent to the server on every request.

Code Example

You can use document.cookie, though its API is cumbersome. Libraries like js-cookie are often preferred.

// Setting a cookie
document.cookie =
  "username=John Doe; expires=Thu, 18 Dec 2026 12:00:00 UTC; path=/";

// Reading cookies (requires parsing)
const allCookies = document.cookie;

When to Use

  • Authentication: Storing session identifiers or tokens.
  • Server-side Tracking: Analytics or user behavior tracking.
  • Personalization: Server-rendered preferences (e.g., language or region).

Security Best Practices:

  • Authentication cookies should use HttpOnly, Secure, and SameSite flags.
  • HttpOnly cookies cannot be accessed via JavaScript, protecting them from XSS.
  • Cookies without SameSite protection may be vulnerable to CSRF attacks.
  • Avoid storing access tokens in Local Storage in production applications.

Pros & Cons

Pros Cons
Readable by Server Very small capacity (~4KB)
Configurable expiration Sent with every request (performance hit)
HttpOnly improves security Complex native API

4. IndexedDB

IndexedDB is a low-level API for client-side storage of large amounts of structured data, including files and blobs. It functions like a NoSQL database in the browser.

Key Features

  • Capacity: Large (quota varies by browser and device).
  • Persistence: Indefinite.
  • Data Type: Objects, Files, Blobs, Arrays.
  • Access: Asynchronous (non-blocking).

Storage quotas are typically a percentage of available disk space per origin. Browsers may prompt users when large storage usage is requested.

Code Example

const request = indexedDB.open("my-database", 1);

request.onupgradeneeded = (event) => {
  const db = event.target.result;
  db.createObjectStore("keyval");
};

request.onsuccess = (event) => {
  const db = event.target.result;

  const transaction = db.transaction(["keyval"], "readwrite");
  transaction.objectStore("keyval").put("bar", "foo");

  const getRequest = db
    .transaction(["keyval"])
    .objectStore("keyval")
    .get("foo");

  getRequest.onsuccess = () => {
    console.log(getRequest.result); // 'bar'
  };
};

When to Use

  • Offline-First Applications
  • Rich Media Caching
  • Complex or Indexed Data Storage

Pros & Cons

Pros Cons
Large storage capacity Complex API
Structured data & indexing Steeper learning curve
Asynchronous & performant Overkill for simple use

5. Cache API

The Cache API allows you to store network requests and their responses. It is commonly used with Service Workers to enable offline support and faster load times.

Key Features

  • Capacity: High (shared with IndexedDB).
  • Persistence: Indefinite.
  • Data Type: Request / Response objects.
  • Access: Asynchronous.

Code Example

const cache = await caches.open("my-cache-v1");
await cache.add("/api/user-data");

const response = await cache.match("/api/user-data");
if (response) {
  const data = await response.json();
}

Important: The Cache API does not automatically update or expire entries. Developers must manually manage cache versioning and invalidation to avoid serving stale content.

When to Use

  • PWAs: Offline asset caching.
  • API Response Caching: Reducing network requests.

Comparison Summary

Feature Local Storage Session Storage Cookies IndexedDB
Capacity ~5–10MB ~5MB ~4KB Large (GBs)
Expiry Never Tab Close Configurable Never
Access Client Client Client & Server Client
Type String String String Object/File
Sync/Async Sync Sync Sync (JS) Async

Conclusion

Choosing the right storage option depends entirely on your use case:

  • Need to store simple preferences? → Local Storage
  • Need temporary per-tab data? → Session Storage
  • Need server-readable or secure auth data? → Cookies
  • Need large, structured, offline-capable data? → IndexedDB
  • Need to cache network requests or assets? → Cache API

Modern Consideration: Browsers increasingly enforce storage partitioning and restrictions (especially in third-party contexts) to improve user privacy. Always test storage behavior across browsers.

Understanding these tools allows you to build faster, more secure, and more resilient web applications.

← Back to Blog