0
0
Djangoframework~20 mins

HTTPS and secure cookies in Django - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
HTTPS and Secure Cookies Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
What does setting SECURE_SSL_REDIRECT = True do in Django?
In a Django project, what is the effect of setting SECURE_SSL_REDIRECT = True in your settings.py file?
AIt forces all HTTP requests to be redirected to HTTPS.
BIt disables HTTPS and allows only HTTP connections.
CIt encrypts cookies automatically without any other settings.
DIt enables debug mode for SSL connections.
Attempts:
2 left
💡 Hint
Think about what happens when a user tries to access your site with HTTP.
component_behavior
intermediate
2:00remaining
What happens if SESSION_COOKIE_SECURE is set to True?
In Django, if you set SESSION_COOKIE_SECURE = True, what is the behavior of the session cookie?
AThe session cookie is sent over both HTTP and HTTPS.
BThe session cookie is only sent over HTTPS connections.
CThe session cookie is disabled completely.
DThe session cookie is encrypted with a custom key.
Attempts:
2 left
💡 Hint
Consider when cookies are sent by browsers based on security flags.
📝 Syntax
advanced
2:00remaining
Identify the correct way to set a secure cookie in a Django view
Which of the following Django view code snippets correctly sets a secure cookie named 'token' with value 'abc123'?
Aresponse.set_cookie('token', 'abc123', httpOnly=True)
Bresponse.set_cookie('token', 'abc123', secure=False, httponly=True)
Cresponse.set_cookie('token', 'abc123', secure=True, httponly=True)
Dresponse.set_cookie('token', 'abc123', secure=True, http_only=True)
Attempts:
2 left
💡 Hint
Check the exact parameter names for set_cookie method.
🔧 Debug
advanced
2:00remaining
Why is the secure cookie not sent over HTTPS?
A developer sets SESSION_COOKIE_SECURE = True in Django settings but notices the session cookie is not sent in HTTPS requests. What is the most likely cause?
AThe SESSION_COOKIE_SECURE setting must be set to False to send cookies.
BThe cookie name is incorrect in the settings.
CThe browser does not support secure cookies.
DThe site is accessed via HTTP, not HTTPS, so the cookie is not sent.
Attempts:
2 left
💡 Hint
Think about when secure cookies are sent by browsers.
state_output
expert
2:00remaining
What is the value of CSRF_COOKIE_SECURE after this settings change?
Given the following Django settings snippet, what is the value of CSRF_COOKIE_SECURE after execution? 
CSRF_COOKIE_SECURE = False
if DEBUG is False:
    CSRF_COOKIE_SECURE = True
else:
    CSRF_COOKIE_SECURE = False

DEBUG = False
Django
DEBUG = False
CSRF_COOKIE_SECURE = False
if DEBUG is False:
    CSRF_COOKIE_SECURE = True
else:
    CSRF_COOKIE_SECURE = False
ARaises NameError
BTrue
CFalse
DNone
Attempts:
2 left
💡 Hint
Check the order of variable assignments and usage.