
Medium · Debug · Q7 of 15
Django - Security Best Practices
In a Django project, you wrote:
response['Content-Security-Policy'] = "default-src 'self'"
response['Content-Security-Policy'] = "script-src 'none'"

What will be the effective CSP header in the response?
A. "default-src 'self'"
B. "script-src 'none'"
C. "default-src 'self'; script-src 'none'"
D. No CSP header will be set
Step-by-Step Solution
  1. Understand header overwrite behavior

    Assigning to the same header name twice on a Django response overwrites the previous value; the two values are not concatenated.
  2. Identify the final header value

    The last assignment, "script-src 'none'", replaces the earlier "default-src 'self'", so the response carries only the script-src directive and the default-src 'self' restriction is lost.
  3. Final Answer:

    "script-src 'none'" -> Option B
  4. Quick Check:

    Last header assignment wins = "script-src 'none'" [OK]
Quick Trick: Last header assignment overwrites previous ones [OK]
Common Mistakes:
  • Assuming headers concatenate automatically
  • Expecting both directives combined
  • Thinking no header is set due to conflict
