path: root/doc/development/secure_coding_guidelines.md
Diffstat (limited to 'doc/development/secure_coding_guidelines.md')
-rw-r--r--doc/development/secure_coding_guidelines.md19
1 files changed, 18 insertions, 1 deletions
diff --git a/doc/development/secure_coding_guidelines.md b/doc/development/secure_coding_guidelines.md
index 7a3dc1c01fc..e8fda066ca3 100644
--- a/doc/development/secure_coding_guidelines.md
+++ b/doc/development/secure_coding_guidelines.md
@@ -344,7 +344,7 @@ Much of the impact is contingent upon the function of the application and the ca
For a demonstration of the impact on GitLab with a realistic attack scenario, see [this video on the GitLab Unfiltered channel](https://www.youtube.com/watch?v=t4PzHNycoKo) (internal, it requires being logged in with the GitLab Unfiltered account).
-### When to consider?
+### When to consider
When user submitted data is included in responses to end users, which is just about anywhere.
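Review bot: the heading rename from `### When to consider?` to `### When to consider` is a style-only fix unrelated to the new Local Storage section added below; consider splitting it into its own commit, and check that every other `When to consider?` heading in this file gets the same treatment so the headings stay consistent.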
@@ -1395,3 +1395,20 @@ Additional resources:
- <https://github.com/EthicalML/fml-security#exploring-the-owasp-top-10-for-ml>
- <https://learn.microsoft.com/en-us/security/engineering/threat-modeling-aiml>
- <https://learn.microsoft.com/en-us/security/engineering/failure-modes-in-machine-learning>
+
+## Local Storage
+
+### Description
+
+Local storage uses a built-in browser storage feature that caches data in read-only UTF-16 key-value pairs. Unlike `sessionStorage`, this mechanism has no built-in expiration mechanism, which can lead to large troves of potentially sensitive information being stored for indefinite periods.
+
+### Impact
+
+Local storage is subject to exfiltration during XSS attacks. These type of attacks highlight the inherent insecurity of storing sensitive information locally.
+
+### Mitigations
+
+If circumstances dictate that local storage is the only option, a couple of precautions should be taken.
+
+- Local storage should only be used for the minimal amount of data possible. Consider alternative storage formats.
+- If you have to store sensitive data using local storage, do so for the minimum time possible, calling `localStorage.removeItem` on the item as soon as we're done with it. Another alternative is to call `localStorage.clear()`.
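Review bot: the Description line is wrong on one point: `localStorage` is not read-only ("caches data in read-only UTF-16 key-value pairs"); it is a writable string key-value store, and the security-relevant property is that every script running on the page's origin, including any injected or third-party script, can read and write it, which is what makes it "subject to exfiltration during XSS attacks" in the Impact section. Suggest rewording to something like "Local storage is a built-in browser key-value store that persists UTF-16 string data for an origin" and spelling out that, unlike a cookie marked `HttpOnly`, nothing in the browser keeps script from reading it. In Mitigations, "Consider alternative storage formats" should say alternative storage mechanisms (keeping the value in in-memory JavaScript state for the life of the page, or letting the server hold it in an `HttpOnly` cookie), since the format of the data is not the issue. The last bullet should also carry two caveats: `localStorage.removeItem` only limits the window of exposure and does nothing if the XSS runs while the item is still stored, and `localStorage.clear()` removes every key for the origin, not just the sensitive one, so it can break unrelated features and should not be presented as an equivalent alternative. Finally, the new section lacks the `### When to consider` subsection that the other sections in this file use (see the first hunk); add one, for example covering any client-side persistence of tokens, personal data, or other secrets.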