Is it safe to assume that I am in server root? (JavaScript security)

A variation on my previous question:

My JavaScript application may be run in a subfolder at a strange web server.

Is it secure to store user's secret data in browser local storage or cookies using JavaScript, in the case if location.pathname contains exactly one /?

Is this security mechanism I invented (checking for exactly one / in the path) safe against hackers?