I have a newsletter form on my website, once users enter their email address they will be lead to another page of the website to attend an online contest where they will be required to enter their email address again. I want to use javascript to enter the address for those who have already entered it on the previous page.
Firstly I think of using GET parameter, but that way the address will be shown in the URL, which I worry might make some user unfortable, is this concern legit?
Then I think of using localStorage, however, I've never used it before, is it viable and is it a good practice?
I have a newsletter form on my website, once users enter their email address they will be lead to another page of the website to attend an online contest where they will be required to enter their email address again. I want to use javascript to enter the address for those who have already entered it on the previous page.
Firstly I think of using GET parameter, but that way the address will be shown in the URL, which I worry might make some user unfortable, is this concern legit?
Then I think of using localStorage, however, I've never used it before, is it viable and is it a good practice?
Share Improve this question asked Mar 8, 2018 at 14:25 shenkwenshenkwen 3,88010 gold badges54 silver badges101 bronze badges 3- 1 You're unable to send as POST/PUT/PATCH? – Ele Commented Mar 8, 2018 at 14:27
- this question might be helpful for understanding localstorage: stackoverflow./questions/17280390/… – rogerrw Commented Mar 8, 2018 at 14:31
- unable to POST cause I don't have server-side control, I don't know what PUT/PATCH is. – shenkwen Commented Mar 8, 2018 at 15:08
1 Answer
Reset to default 9First, you concern about putting email addresses in the URL is legit; email addresses are private information and URLs are public, a great answer about that here.
Now about the main question, it's not terrible practice, but it's not exactly good practice either. localStorage, just like cookies, shouldn't be used to store private information. Storing an email address is not as bad as storing a password or a credit card number, but it's still private information. Quoting from another answer:
remember that cookies are stored on people's puters so from your point of view (as a website developer), they're basically out in the wild, potentially accessible to anyone.
One way to achieve what you want to do is to send the users' email addresses in a POST request to the server, which will then be able to render the next page with that information.
If you really like the local storage route, at least consider using sessionStorage so that the information gets wiped eventually.