localStorage，sessionStorage，session和cookie之间有什么区别？

本文翻译自：What is the difference between localStorage, sessionStorage, session and cookies?

localStorage，sessionStorage，session和cookie的技术优缺点是什么，何时可以在另一个之上使用？

---

#1楼

参考：https://stackoom.com/question/1LMT9/localStorage-sessionStorage-session和cookie之间有什么区别

---

#2楼

This is an extremely broad scope question, and a lot of the pros/cons will be contextual to the situation. 这是一个范围极为广泛的问题，很多利弊都取决于具体情况。

In all cases, these storage mechanisms will be specific to an individual browser on an individual computer/device. 在所有情况下，这些存储机制都将特定于单个计算机/设备上的单个浏览器。 Any requirement to store data on an ongoing basis across sessions will need to involve your application server side - most likely using a database, but possibly XML or a text/CSV file. 跨会话持续存储数据的任何要求都将涉及您的应用服务器端-最有可能使用数据库，但可能使用XML或文本/ CSV文件。

localStorage, sessionStorage, and cookies are all client storage solutions. localStorage，sessionStorage和cookie都是客户端存储解决方案。 Session data is held on the server where it remains under your direct control. 会话数据保存在您直接控制的服务器上。

localStorage and sessionStorage localStorage和sessionStorage

localStorage and sessionStorage are relatively new APIs (meaning, not all legacy browsers will support them) and are near identical (both in APIs and capabilities) with the sole exception of persistence. localStorage和sessionStorage是相对较新的API（意味着，并非所有旧版浏览器都支持它们），并且几乎完全相同（API和功能都相同），唯一的例外是持久性。 sessionStorage (as the name suggests) is only available for the duration of the browser session (and is deleted when the tab or window is closed) - it does, however, survive page reloads (source DOM Storage guide - Mozilla Developer Network ). sessionStorage（顾名思义）仅在浏览器会话期间可用（并在关闭选项卡或窗口时删除）-但是，它确实可以在页面重新加载后幸存（源DOM存储指南-Mozilla开发人员网络 ）。

Clearly, if the data you are storing needs to be available on an ongoing basis then localStorage is preferable to sessionStorage - although you should note both can be cleared by the user so you should not rely on the continuing existence of data in either case. 显然，如果需要持续提供要存储的数据，则localStorage比sessionStorage更可取-尽管您应注意两者都可以被用户清除，所以在任何一种情况下都不应依赖于数据的持续存在。

localStorage and sessionStorage are perfect for persisting non-sensitive data needed within client scripts between pages (for example: preferences, scores in games). localStorage和sessionStorage非常适合在页面之间的客户端脚本中持久存储所需的非敏感数据（例如：偏好，游戏中的得分）。 The data stored in localStorage and sessionStorage can easily be read or changed from within the client/browser so should not be relied upon for storage of sensitive or security-related data within applications. 可以轻松地从客户端/浏览器中读取或更改存储在localStorage和sessionStorage中的数据，因此不应依赖它们在应用程序中存储敏感或与安全相关的数据。

Cookies 饼干

This is also true for cookies, these can be trivially tampered with by the user, and data can also be read from them in plain text - so if you are wanting to store sensitive data then the session is really your only option. 对于cookie来说也是如此，它们可以被用户轻易地篡改，并且还可以纯文本格式从中读取数据-因此，如果您要存储敏感数据，则会话实际上是您唯一的选择。 If you are not using SSL, cookie information can also be intercepted in transit, especially on an open wifi. 如果您未使用SSL，则cookie信息也可能在传输过程中被截获，尤其是在开放的wifi上。

On the positive side cookies can have a degree of protection applied from security risks like Cross-Site Scripting (XSS)/Script injection by setting an HTTP only flag which means modern (supporting) browsers will prevent access to the cookies and values from JavaScript (this will also prevent your own, legitimate, JavaScript from accessing them). 从积极的方面来说，通过设置仅HTTP标志，cookie可以受到一定程度的保护，免受跨站点脚本（XSS）/脚本注入等安全风险的威胁，这意味着现代（支持）浏览器将阻止访问JavaScript和来自JavaScript的值（这也将阻止您自己的合法JavaScript访问它们）。 This is especially important with authentication cookies, which are used to store a token containing details of the user who is logged on - if you have a copy of that cookie then for all intents and purposes you become that user as far as the web application is concerned, and have the same access to data and functionality the user has. 这对于身份验证cookie尤其重要，身份验证cookie用于存储包含登录用户详细信息的令牌-如果您拥有该cookie的副本，那么就所有意图和目的而言，您将成为该用户，直至该Web应用程序为止。并具有与用户拥有的数据和功能相同的访问权限。

As cookies are used for authentication purposes and persistence of user data, all cookies valid for a page are sent from the browser to the server for every request to the same domain - this includes the original page request, any subsequent Ajax requests, all images, stylesheets, scripts, and fonts. 由于Cookie用于身份验证和用户数据持久化，因此针对同一域的每个请求都会将针对页面有效的所有 cookie从浏览器发送到服务器-包括原始页面请求，任何后续的Ajax请求，所有图像，样式表，脚本和字体。 For this reason, cookies should not be used to store large amounts of information. 因此，cookies不应用于存储大量信息。 The browser may also impose limits on the size of information that can be stored in cookies. 浏览器还可能会限制可存储在Cookie中的信息的大小。 Typically cookies are used to store identifying tokens for authentication, session, and advertising tracking. 通常，cookie用于存储身份验证令牌，以进行身份​​验证，会话和广告跟踪。 The tokens are typically not human readable information in and of themselves, but encrypted identifiers linked to your application or database. 令牌本身通常不是人类可读的信息，而是链接到您的应用程序或数据库的加密标识符。

localStorage vs. sessionStorage vs. Cookies localStorage vs.sessionStorage vs.Cookie

In terms of capabilities, cookies, sessionStorage, and localStorage only allow you to store strings - it is possible to implicitly convert primitive values when setting (these will need to be converted back to use them as their type after reading) but not Objects or Arrays (it is possible to JSON serialise them to store them using the APIs). 就功能而言，Cookie，sessionStorage和localStorage仅允许您存储字符串-设置时可以隐式转换原始值（读取后将这些原始值转换回使用它们作为它们的类型），但不允许对象或数组（可以将它们进行JSON序列化以使用API​​进行存储）。 Session storage will generally allow you to store any primitives or objects supported by your Server Side language/framework. 会话存储通常将允许您存储服务器端语言/框架支持的任何原语或对象。

Client-side vs. Server-side 客户端与服务器端

As HTTP is a stateless protocol - web applications have no way of identifying a user from previous visits on returning to the web site - session data usually relies on a cookie token to identify the user for repeat visits (although rarely URL parameters may be used for the same purpose). 由于HTTP是一种无状态协议，Web应用程序无法从返回站点时的先前访问中识别用户-会话数据通常依赖于Cookie令牌来标识用户以进行重复访问（尽管很少有URL参数可用于相同的目的）。 Data will usually have a sliding expiry time (renewed each time the user visits), and depending on your server/framework data will either be stored in-process (meaning data will be lost if the web server crashes or is restarted) or externally in a state server or database. 数据通常会有一个到期时间（每次用户访问时都会更新），并且取决于服务器/框架，数据将存储在进程内（这意味着数据将在Web服务器崩溃或重新启动时丢失）或在外部存储。状态服务器或数据库。 This is also necessary when using a web-farm (more than one server for a given website). 使用网络农场（给定网站有多个服务器）时，这也是必要的。

As session data is completely controlled by your application (server side) it is the best place for anything sensitive or secure in nature. 由于会话数据完全由您的应用程序（服务器端）控制，因此它是任何敏感或安全性质的最佳场所。

The obvious disadvantage of server-side data is scalability - server resources are required for each user for the duration of the session, and that any data needed client side must be sent with each request. 服务器端数据的明显缺点是可伸缩性-会话期间每个用户都需要服务器资源，并且客户端所需的任何数据都必须与每个请求一起发送。 As the server has no way of knowing if a user navigates to another site or closes their browser, session data must expire after a given time to avoid all server resources being taken up by abandoned sessions. 由于服务器无法知道用户是导航到另一个站点还是关闭其浏览器，因此会话数据必须在给定时间后过期，以避免所有服务器资源被废弃的会话占用。 When using session data you should, therefore, be aware of the possibility that data will have expired and been lost, especially on pages with long forms. 因此，在使用会话数据时，您应该意识到数据可能已经过期并丢失的可能性，尤其是在长格式页面上。 It will also be lost if the user deletes their cookies or switches browsers/devices. 如果用户删除其cookie或切换浏览器/设备，它也将丢失。

Some web frameworks/developers use hidden HTML inputs to persist data from one page of a form to another to avoid session expiration. 某些Web框架/开发人员使用隐藏的HTML输入来将数据从表单的一个页面持久保存到另一页面，以避免会话过期。

localStorage, sessionStorage, and cookies are all subject to "same-origin" rules which means browsers should prevent access to the data except the domain that set the information to start with. localStorage，sessionStorage和Cookie均受“同源”规则的约束，这意味着浏览器应阻止访问数据（除了设置信息开头的域之外）。

For further reading on client storage technologies see Dive Into Html 5 . 有关客户端存储技术的更多信息，请参阅Dive Into Html 5 。

---

#3楼

These are properties of 'window' object in JavaScript, just like document is one of a property of window object which holds DOM objects. 这些是JavaScript中“窗口”对象的属性，就像文档是保存DOM对象的窗口对象的属性之一一样。

Session Storage property maintains a separate storage area for each given origin that's available for the duration of the page session ie as long as the browser is open, including page reloads and restores. 会话存储属性为每个给定的来源维护一个单独的存储区域，该区域在页面会话期间（即，只要浏览器处于打开状态，包括页面重新加载和还原）就可用。

Local Storage does the same thing, but persists even when the browser is closed and reopened. 本地存储执行相同的操作，但是即使关闭并重新打开浏览器也可以保留。

You can set and retrieve stored data as follows: 您可以如下设置和检索存储的数据：

sessionStorage.setItem('key', 'value');

var data = sessionStorage.getItem('key');

Similarly for localStorage. 对于localStorage同样。

---

#4楼

1. LocalStorage 本地存储

   Pros : 优点 ：

   1. Web storage can be viewed simplistically as an improvement on cookies, providing much greater storage capacity. Web存储可以简单地视为对Cookie的一种改进，从而提供了更大的存储容量。 If you look at the Mozilla source code we can see that 5120KB ( 5MB which equals 2.5 Million chars on Chrome) is the default storage size for an entire domain. 如果您查看Mozilla的源代码，我们可以看到5120KB （ 5MB ，在Chrome上等于250万个字符 ）是整个域的默认存储大小。 This gives you considerably more space to work with than a typical 4KB cookie. 与典型的4KB Cookie相比，这为您提供了更多的处理空间。
   2. The data is not sent back to the server for every HTTP request (HTML, images, JavaScript, CSS, etc) - reducing the amount of traffic between client and server. 不会针对每个HTTP请求（HTML，图像，JavaScript，CSS等）将数据发送回服务器，从而减少了客户端与服务器之间的通信量。
   3. The data stored in localStorage persists until explicitly deleted. 存储在localStorage中的数据将一直保留到明确删除为止。 Changes made are saved and available for all current and future visits to the site. 所做的更改将被保存，并可供当前和将来对该站点的所有访问。

   Cons : 缺点 ：

   1. It works on same-origin policy . 它适用于同源策略 。 So, data stored will only be available on the same origin. 因此，存储的数据仅在相同的来源可用。

2. Cookies 饼干

   Pros: 优点：

   1. Compared to others, there's nothing AFAIK. 与其他人相比，没有AFAIK。

   Cons: 缺点：

   1. The 4K limit is for the entire cookie, including name, value, expiry date etc. To support most browsers, keep the name under 4000 bytes, and the overall cookie size under 4093 bytes. 4K限制适用于整个cookie，包括名称，值，有效期等。要支持大多数浏览器，请将该名称保持在4000字节以下，并将cookie的整体大小保持在4093字节以下。

   2. The data is sent back to the server for every HTTP request (HTML, images, JavaScript, CSS, etc) - increasing the amount of traffic between client and server. 每个HTTP请求（HTML，图像，JavaScript，CSS等）会将数据发送回服务器，从而增加了客户端与服务器之间的通信量。

      Typically, the following are allowed: 通常，允许以下操作：

      • 300 cookies in total 总共300个 Cookie
      • 4096 bytes per cookie 每个Cookie 4096个字节
      • 20 cookies per domain 每个域20个Cookie
      • 81920 bytes per domain(Given 20 cookies of max size 4096 = 81920 bytes.) 每个域81920字节 （给出20个最大大小为4096的cookie = 81920字节。）

3. sessionStorage sessionStorage

   Pros: 优点：

   1. It is similar to localStorage . 它类似于localStorage 。
   2. The data is not persistent ie data is only available per window (or tab in browsers like Chrome and Firefox). 数据不是持久性的，即，仅每个窗口（或Chrome和Firefox等浏览器中的标签）提供数据。 Data is only available during the page session. 数据仅在页面会话期间可用。 Changes made are saved and available for the current page, as well as future visits to the site on the same window. 所做的更改将被保存，并且可用于当前页面以及将来在同一窗口上访问该站点。 Once the window is closed, the storage is deleted. 关闭窗口后，将删除存储。

   Cons: 缺点：

   1. The data is available only inside the window/tab in which it was set. 数据仅在设置它的窗口/选项卡内可用。
   2. Like localStorage , it works on same-origin policy . 像localStorage一样，它适用于同源策略 。 So, data stored will only be available on the same origin. 因此，存储的数据仅在相同的来源可用。

Checkout across-tabs - how to facilitate easy communication between cross-origin browser tabs. 跨标签签出-如何简化跨源浏览器标签之间的交流。

---

#5楼

OK, LocalStorage as it's called it's local storage for your browsers, it can save up to 10MB , SessionStorage does the same, but as it's name saying, it's session based and will be deleted after closing your browser, also can save less than LocalStorage, like up to 5MB , but Cookies are very tiny data storing in your browser, that can save up 4KB and can be accessed through server or browser both... 好的， LocalStorage就是您浏览器的本地存储，它可以节省多达10MB的空间 ， SessionStorage可以做到这一点，但是顾名思义，它是基于会话的，在关闭浏览器后将被删除，还可以节省不到LocalStorage的费用，例如最大5MB ，但Cookies是浏览器中存储的非常小的数据，最多可以节省4KB，并且可以通过服务器或浏览器访问...

I also created the image below to show the differences at a glance: 我还创建了以下图像，以一眼看出差异：

---

#6楼

The Web Storage API provides mechanisms by which browsers can securely store key/value pairs, in a much more intuitive fashion than using cookies. Web存储API提供了一种机制，通过这种机制，浏览器可以比使用cookie更为直观的​​方式安全地存储键/值对。 The Web Storage API extends the Window object with two new properties — Window.sessionStorage and Window.localStorage . Web Storage API用两个新属性扩展了Window对象Window.sessionStorage和Window.localStorage 。 — invoking one of these will create an instance of the Storage object, through which data items can be set, retrieved, and removed. —调用其中之一将创建Storage对象的实例，通过该实例可以设置，检索和删除数据项。 A different Storage object is used for the sessionStorage and localStorage for each origin (domain). 每个源（域）的sessionStorage和localStorage使用不同的Storage对象。

Storage objects are simple key-value stores, similar to objects, but they stay intact through page loads . 存储对象是简单的键值存储，类似于对象， 但是它们在页面加载时保持完整 。

localStorage.colorSetting = '#a4509b';
localStorage['colorSetting'] = '#a4509b';
localStorage.setItem('colorSetting', '#a4509b');

The keys and the values are always strings . 键和值始终是字符串 。 To store any type convert it to String and then store it. 要存储任何类型， convert it to String ，然后存储。 It's always recommended to use Storage interface methods. 始终建议使用Storage interface方法。

var testObject = { 'one': 1, 'two': 2, 'three': 3 };
// Put the object into storage
localStorage.setItem('testObject', JSON.stringify(testObject));
// Retrieve the object from storage
var retrievedObject = localStorage.getItem('testObject');
console.log('Converting String to Object: ', JSON.parse(retrievedObject));

The two mechanisms within Web Storage are as follows: Web存储中的两种机制如下：

• sessionStorage maintains a separate storage area for each given origin ^{Same-origin policy} that's available for the duration of the page session (as long as the browser is open, including page reloads and restores). sessionStorage为每个给定的起源维护一个单独的存储区域。 ^同源策略在页面会话持续时间内可用（只要打开浏览器，包括页面重新加载和还原）。
• localStorage does the same thing, but persists even when the browser is closed and reopened. localStorage可以做同样的事情，但是即使关闭并重新打开浏览器也可以保留。

Storage « Local storage writes the data to the disk, while session storage writes the data to the memory only. 存储 « 本地存储将数据写入磁盘，而会话存储仅将数据写入内存。 Any data written to the session storage is purged when your app exits. 应用退出时，将清除写入会话存储的所有数据。

The maximum storage available is different per browser , but most browsers have implemented at least the w3c recommended maximum storage limit of 5MB . 每个浏览器可用的最大存储量有所不同 ，但是大多数浏览器已实现w3c建议的至少5MB的最大存储限制。

+----------------+--------+---------+-----------+--------+
|                | Chrome | Firefox | Safari    |  IE    |
+----------------+--------+---------+-----------+--------+
| LocalStorage   | 10MB   | 10MB    | 5MB       | 10MB   |
+----------------+--------+---------+-----------+--------+
| SessionStorage | 10MB   | 10MB    | Unlimited | 10MB   |
+----------------+--------+---------+-----------+--------+

Always catch LocalStorage security and quota exceeded errors 始终捕获LocalStorage安全性和超出配额的错误

• QuotaExceededError : When storage limits exceeds on this function window.sessionStorage.setItem(key, value); QuotaExceededError ：当此函数上的存储限制超出window.sessionStorage.setItem(key, value); , it throws a "QuotaExceededError" DOMException exception if the new value couldn't be set. ，如果无法设置新值，则会引发“ QuotaExceededError” DOMException异常。 (Setting could fail if, eg, the user has disabled storage for the site, or if the quota has been exceeded.) （例如，如果用户已禁用站点存储，或者超出了配额，设置可能会失败。）

  DOMException. DOMException。 QUOTA_EXCEEDED_ERR is 22 , example fiddle . QUOTA_EXCEEDED_ERR是22 ，例如小提琴 。

• SecurityError : Uncaught SecurityError: Access to 'localStorage' is denied for this document . SecurityError ： Uncaught SecurityError: Access to 'localStorage' is denied for this document 。

   CHROME:-Privacy and security « Content settings « Cookies « Block third-party cookies. 

StorageEvent « The storage event is fired on a document's Window object when a storage area changes. StorageEvent «当存储区域更改时，将在文档的Window对象上触发存储事件。 When a user agent is to send a storage notification for a Document, the user agent must queue a task to fire an event named storage at the Document object's Window object, using StorageEvent. 当用户代理要发送文档的存储通知时，该用户代理必须使用StorageEvent在文档对象的Window对象上排队执行一个任务，以激发一个名为storage的事件。

Note: For a real world example, see Web Storage Demo . 注意：有关真实示例，请参阅Web存储演示 。 ^{check out the source code 查看源代码}

Listen to the storage event on dom/Window to catch changes in the storage. 监听dom / Window上的存储事件以捕获存储中的更改。 fiddle . 摆弄 。

---

Cookies (web cookie, browser cookie) Cookies are data, stored in small text files as name-value pairs, on your computer. Cookies （网络cookie，浏览器cookie） Cookies是数据，在计算机上以名称/值对形式存储在小的文本文件中。

JavaScript access using Document.cookie 使用Document.cookie的 JavaScript访问

New cookies can also be created via JavaScript using the Document.cookie property, and if the HttpOnly flag is not set, existing cookies can be accessed from JavaScript as well. 也可以使用Document.cookie属性通过JavaScript创建新的cookie，并且如果未设置HttpOnly标志，则也可以从JavaScript访问现有的cookie。

document.cookie = "yummy_cookie=choco"; 
document.cookie = "tasty_cookie=strawberry"; 
console.log(document.cookie); 
// logs "yummy_cookie=choco; tasty_cookie=strawberry"

Secure and HttpOnly cookies ^{HTTP State Management Mechanism} 安全和HttpOnly cookie ^{HTTP状态管理机制}

Cookies are often used in web application to identify a user and their authenticated session Cookies通常在Web应用程序中用于标识用户及其经过身份验证的会话

When receiving an HTTP request, a server can send a Set-Cookie header with the response. 当接收到HTTP请求时，服务器可以发送带有响应的Set-Cookie标头。 The cookie is usually stored by the browser, and then the cookie is sent with requests made to the same server inside a Cookie HTTP header. Cookie通常由浏览器存储，然后将Cookie与在HTTP HTTP标头内向同一服务器发出的请求一起发送。

Set-Cookie: <cookie-name>=<cookie-value> 
Set-Cookie: <cookie-name>=<cookie-value>; Expires=<date>

Session cookies will get removed when the client is shut down. 客户端关闭时， 会话cookie将被删除。 They don't specify the Expires or Max-Age directives. 他们没有指定Expires或Max-Age指令。

Set-Cookie: sessionid=38afes7a8; HttpOnly; Path=/

Permanent cookies expire at a specific date (Expires) or after a specific length of time (Max-Age). 永久性Cookie会在特定日期（Expires）或特定时间长度（Max-Age）之后过期。

Set-Cookie: id=a3fWa; Expires=Wed, 21 Oct 2015 07:28:00 GMT; Secure; HttpOnly

The Cookie HTTP request header contains stored HTTP cookies previously sent by the server with the Set-Cookie header. Cookie HTTP请求标头包含先前由服务器通过Set-Cookie标头发送的存储的HTTP cookie。 HTTP-only cookies aren't accessible via JavaScript through the Document.cookie property, the XMLHttpRequest and Request APIs to mitigate attacks against cross-site scripting (XSS). 仅HTTP的cookie不能通过JavaScript通过Document.cookie属性，XMLHttpRequest和Request API进行访问，以减轻针对跨站点脚本（XSS）的攻击。

Cookies are mainly used for three purposes: Cookies主要用于三个目的：

• Session management « Logins, shopping carts, game scores, or anything else the server should remember 会话管理 «登录名，购物车，游戏得分或服务器应记住的其他任何内容
• Personalization « User preferences, themes, and other settings 个性化 «用户首选项，主题和其他设置
• Tracking (Recording and analyzing user behavior) « Cookies have a domain associated to them. 跟踪 （记录和分析用户行为）«Cookies具有与之关联的域。 If this domain is the same as the domain of the page you are on, the cookies is said to be a first-party cookie. 如果此域与您所在页面的域相同，则该cookie被称为第一方cookie。 If the domain is different, it is said to be a third-party cookie. 如果域不同，则称其为第三方cookie。 While first-party cookies are sent only to the server setting them, a web page may contain images or other components stored on servers in other domains (like ad banners). 虽然第一方Cookie仅发送给设置它们的服务器，但网页可能包含图像或其他域中存储在服务器上的其他组件（例如广告横幅）。 Cookies that are sent through these third-party components are called third-party cookies and are mainly used for advertising and tracking across the web. 通过这些第三方组件发送的Cookie被称为第三方Cookie，主要用于在网络上进行广告和跟踪。

Cookies were invented to solve the problem "how to remember information about the user": 发明了Cookies来解决“如何记住有关用户的信息”的问题：

• When a user visits a web page, his name can be stored in a cookie. 当用户访问网页时，其名称可以存储在cookie中。
• Next time the user visits the page, cookies belonging to the page is added to the request. 下次用户访问该页面时，属于该页面的cookie将添加到请求中。 This way the server gets the necessary data to "remember" information about users. 这样，服务器将获得必要的数据以“记住”有关用户的信息。

GitHubGist Example GitHubGist 示例

---

As summary, 作为总结，

• localStorage persists over different tabs or windows, and even if we close the browser, accordingly with the domain security policy and user choices about quota limit. localStorage会保留在不同的选项卡或窗口中，即使我们关闭浏览器，也会相应地使用域安全策略和用户对配额限制的选择。
• sessionStorage object does not persist if we close the tab (top-level browsing context) as it does not exists if we surf via another tab or window. 如果关闭选项卡（顶级浏览上下文），则sessionStorage对象不会持久，因为如果通过另一个选项卡或窗口进行浏览，则该对象将不存在。
• Web Storage (session, local) allows us to save a large amount of key/value pairs and lots of text, something impossible to do via cookie. Web存储（会话，本地）允许我们保存大量的键/值对和大量文本，而这是无法通过Cookie进行的。
• Cookies that are used for sensitive actions should have a short lifetime only. 用于敏感操作的Cookie的寿命应仅较短。
• Cookies mainly used for advertising and tracking across the web. Cookies主要用于在网络上进行广告和跟踪。 See for example the types of cookies used by Google . 例如，请参阅Google使用的Cookie的类型 。
• Cookies are sent with every request, so they can worsen performance (especially for mobile data connections). Cookie随每个请求一起发送，因此它们可能会降低性能（尤其是对于移动数据连接而言）。 Modern APIs for client storage are the Web storage API (localStorage and sessionStorage) and IndexedDB. 用于客户端存储的现代API是Web存储API（localStorage和sessionStorage）和IndexedDB。