Which Django setting forces all cookies to be sent only over HTTPS?

easy · Conceptual · Q2 of 15
Django - Security Best Practices
Which Django setting forces all cookies to be sent only over HTTPS?
A. SECURE_SSL_REDIRECT = True
B. SECURE_HSTS_SECONDS = 0
C. CSRF_COOKIE_HTTPONLY = True
D. SESSION_COOKIE_SECURE = True
Step-by-Step Solution
Solution:
  1. Step 1: Identify cookie security settings

    SESSION_COOKIE_SECURE sets the Secure flag on the session cookie, so the browser sends it only over HTTPS.
  2. Step 2: Differentiate from other settings

    SECURE_SSL_REDIRECT redirects HTTP requests to HTTPS but does not affect cookie flags. CSRF_COOKIE_HTTPONLY controls JavaScript access to the CSRF cookie, and SECURE_HSTS_SECONDS sets the HTTP Strict Transport Security duration.
  3. Final Answer:

    SESSION_COOKIE_SECURE = True -> Option D
  4. Quick Check:

    SESSION_COOKIE_SECURE controls whether the session cookie is sent only over HTTPS [OK]
Quick Trick: SESSION_COOKIE_SECURE = True locks cookies to HTTPS only [OK]
Common Mistakes:
  • Confusing redirect settings with cookie flags
  • Assuming HttpOnly affects HTTPS transmission
  • Misunderstanding HSTS as a cookie setting