
HTTPS and secure cookies in Django - Cheat Sheet & Quick Revision

Recall & Review
beginner
What does HTTPS stand for and why is it important?
HTTPS stands for HyperText Transfer Protocol Secure. It encrypts data between the user's browser and the server, protecting sensitive information from being intercepted.
beginner
What is a secure cookie in Django?
A secure cookie is a cookie that is only sent over HTTPS connections. In Django, setting 'SESSION_COOKIE_SECURE' or 'CSRF_COOKIE_SECURE' to True ensures the corresponding cookie is sent only over HTTPS.
intermediate
How do you enable HTTPS in a Django project?
You enable HTTPS by configuring your web server (like Nginx or Apache) with SSL certificates and setting Django settings like 'SECURE_SSL_REDIRECT = True' to force HTTPS.
intermediate
What does the 'HttpOnly' flag do for cookies?
The 'HttpOnly' flag prevents JavaScript from accessing the cookie, reducing the risk of cross-site scripting (XSS) attacks. In Django, set 'SESSION_COOKIE_HTTPONLY = True'.
advanced
Why should you use 'SECURE_HSTS_SECONDS' in Django settings?
Setting 'SECURE_HSTS_SECONDS' enables HTTP Strict Transport Security (HSTS), telling browsers to only use HTTPS for your site for a set time, improving security.
Which Django setting forces all requests to use HTTPS?
A. SECURE_HSTS_SECONDS
B. SESSION_COOKIE_SECURE
C. CSRF_COOKIE_SECURE
D. SECURE_SSL_REDIRECT
What does setting 'SESSION_COOKIE_SECURE = True' do?
A. Sends session cookies only over HTTPS
B. Makes cookies accessible to JavaScript
C. Disables cookies
D. Encrypts cookie content
What is the purpose of the 'HttpOnly' flag on cookies?
A. Makes cookies visible to all domains
B. Prevents JavaScript access to cookies
C. Allows cookies over HTTP only
D. Encrypts cookies
Which protocol does HTTPS use to secure communication?
A. SMTP
B. FTP
C. SSL/TLS
D. HTTP/2
What does setting 'SECURE_HSTS_SECONDS' do in Django?
A. Forces browsers to use HTTPS for a set time
B. Disables cookies
C. Redirects HTTP to HTTPS immediately
D. Enables HTTP caching
Explain how HTTPS and secure cookies work together to protect user data in a Django application.
Think about data safety during transmission and cookie security.
Describe the key Django settings you would configure to ensure your site uses HTTPS and secure cookies.
Focus on settings that control HTTPS enforcement and cookie security.