diff options
| author | Osmium Sorcerer <os@sof.beauty> | 2026-04-07 02:55:26 +0000 |
|---|---|---|
| committer | stonedDiscord <Tukz@gmx.de> | 2026-05-04 22:56:49 +0200 |
| commit | 2f57c6c54bceb7d1be061d6f37b501dd6a58eaa4 (patch) | |
| tree | 959943f8d91464b5d8beae0f7bf61e6262e4f33d /public | |
| parent | fcaee3675fde49e2cd5bb8103d1c1f60863bc42c (diff) | |
Replace cookies with localStorage
Cookies's use case is to store persistent data and send it to the server
in subsequent requests, such as to remember logged-in sessions. WebAO is
using them to store site settings like ad-hoc hash tables that require
parsing and serialization.
As a nasty side-effect of how cookies work, clients send all their
settings every time they connect to the server. Server has absolutely no
use for them, but each client sends them anyway, which is an
uncalled-for privacy leak.
Remove this mechanism entirely, switch to localStorage which serves
exactly the purpose of per-origin store with data that never leaves the
browser.
Diffstat (limited to 'public')
| -rw-r--r-- | public/client.html | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/public/client.html b/public/client.html index 85dc118..90fc41b 100644 --- a/public/client.html +++ b/public/client.html @@ -948,12 +948,10 @@ ></textarea> <br /> <br /> - <span style="color: blue" - >Changing these settings will save them as a cookie.<br /> - By doing so, you agree to it being saved.<br /> - If you don't agree, disable cookies for this site in your - browser.</span - > + <span> + Changing these settings will save them locally in your browser.<br /> + Saved settings are never transmitted. + </span> <br /> <br /> <button id="client_disconnect" onclick="DisconnectButton()"> |