I'm using Angular 10 for front-end. I'm getting JWT from Back end services. I need to store my Okta JWT securely in browser. I studied about storing token in window.sessionStorage or window.localStorage or HTTP only secure cookie. But, I'm not sure how to avoid XSS and XSRF attacks.
What is the best approach to store JWT securely and traverse adhering to XSS and XSRF prevention?
Thanks in advance