Web storage chooser

← All tools

Cookies, localStorage, sessionStorage, IndexedDB, Cache API, or OPFS? Five questions about server visibility, data shape, and XSS risk — no pasted values, no persistence.

This quiz never asks you to paste storage contents. Assume any client-side store is readable if XSS lands — seethe XSS tutorial andcookie security flags.

~~~

Answer every question first.

Primary fit

~~~

Warnings

Checklist

~~~

Comparison table

CookieslocalStoragesessionStorageIndexedDBCacheOPFS
~~~

About this tool

Browsers offer many storage layers with different lifetimes, quotas, and whether data rides on HTTP requests. Picking the wrong one leaks tokens (cookies on every request) or invites XSS exfiltration (localStorage).

Shareable URLs encode quiz answers only — never storage keys or values.

~~~

Read more