
What does setting CSRF_COOKIE_SECURE = True in Django settings ensure?

easy📝 Conceptual Q1 of 15
Django - Security Best Practices
A. The CSRF cookie is only sent over HTTPS connections
B. The CSRF cookie is accessible via JavaScript
C. The CSRF cookie expires immediately after being set
D. The CSRF cookie is stored in the database
Step-by-Step Solution
Solution:
  1. Step 1: Understand CSRF cookie purpose

    The CSRF cookie helps protect against cross-site request forgery attacks by being sent with requests.
  2. Step 2: Effect of setting CSRF_COOKIE_SECURE to True

    This setting ensures the CSRF cookie is only sent over secure HTTPS connections, preventing exposure over insecure HTTP.
  3. Final Answer:

    The CSRF cookie is only sent over HTTPS connections -> Option A
  4. Quick Check:

    CSRF_COOKIE_SECURE = True means secure cookie only [OK]
Quick Trick: Secure cookies only travel on HTTPS connections [OK]
Common Mistakes:
  • Thinking secure means accessible via JavaScript
  • Confusing cookie expiration with security
  • Assuming cookies are stored in the database
