Use Web Storage API safely

localStorage and sessionStorage have a 5–10 MB quota per origin, and any write can throw a QuotaExceededError. Private browsing modes in some browsers disable storage entirely and throw on all writes. Applications that don't handle these errors crash silently, leaving users unable to use the app.

Quick Reference

• Always wrap localStorage access in try/catch — storage can be full or disabled
• Serialize objects with JSON.stringify and validate on read with JSON.parse
• Never store sensitive data (tokens, passwords) in localStorage — use httpOnly cookies
• Use sessionStorage for tab-scoped data that shouldn't persist

Check

Find all localStorage and sessionStorage accesses in this file. Check for missing try/catch, unhandled JSON parsing, and any storage of sensitive data.

Fix

Add try/catch error handling to all Web Storage operations and ensure all object values are properly serialized and deserialized.