These are my reading notes for Code Fellows
Local storage is vulnerable to ‘XSS Attacks’. Cookies are not accessible via JS, and are not as vulnerable to these attacks.
An XSS attack happens when an attacker can run JavaScript on your website. This means that the attacker can just take the access token that you stored in your localStorage.
An XSS attack can happen from a third-party JavaScript code included in your website, like React, Vue, jQuery, Google Analytics, etc. It’s almost impossible not to include any third-party libraries in your site. (source)
Third-party cookies are cookies that are set by a website other than the one you are currently on. For example, you can have a “Like” button on your website which will store a cookie on a visitor’s computer, that cookie can later be accessed by Facebook to identify visitors and see which websites they visited. (source
A tracking pixel (also called 1x1 pixel or pixel tag) is a graphic with dimensions of 1x1 pixels that is loaded when a user visits a webpage or opens an email. Because it is so small, it can hardly be seen by visitors of a website or email recipients. … Users are usually not supposed to see the tracking pixel. (source)
How Do Tracking Pixels Work? You add the tracking pixel using a code in your site’s HTML code or email, which contains an external link to the pixel server. When someone visits your website, the HTML code is processed by their browser, which follows the link and opens the hidden graphic. (source)
A cookie is a piece of data from a website that is stored within a web browser that the website can retrieve at a later time. (source)
Authorization is the function of specifying access rights/privileges to resources, which is related to general information security and computer security, and to access control in particular. (source)
Access control is a security technique that regulates who or what can view or use resources in a computing environment. (source)
In React, conditional rendering refers to the process of delivering elements and components based on certain conditions. (source)