This rule is deprecated, and will eventually be removed.
Why is this an issue?
Session storage and local storage are HTML 5 features which allow developers to easily store megabytes of data client-side, as opposed to the 4Kb
cookies can accommodate. While useful to speed applications up on the client side, it can be dangerous to store sensitive information this way because
the data is not encrypted by default and any script on the page may access it.
This rule raises an issue when the
sessionStorage API’s are used.
Noncompliant code example
localStorage.setItem("login", login); // Noncompliant
sessionStorage.setItem("sessionId", sessionId); // Noncompliant