Consider this Flask route that sets a cookie named user with value alice. What will the response headers include?
from flask import Flask, make_response app = Flask(__name__) @app.route('/') def index(): resp = make_response('Hello World') resp.set_cookie('user', 'alice') return resp
Check how set_cookie works by default without extra parameters.
By default, set_cookie sets a cookie with the given name and value. No extra flags like HttpOnly, Secure, or Max-Age are added unless specified.
Given this Flask route that reads a cookie named session_id, what will be returned if the cookie is not set?
from flask import Flask, request app = Flask(__name__) @app.route('/read') def read_cookie(): session = request.cookies.get('session_id', 'none') return f'Session: {session}'
Look at the default value provided to get method.
The get method returns the default value 'none' if the cookie is missing, so the returned string is 'Session: none'.
Choose the correct Flask code snippet that sets a cookie named token with value abc123 that expires in 3600 seconds.
Check the exact parameter name for cookie expiration in Flask's set_cookie.
The correct parameter is max_age (with underscore). Other options are invalid or misspelled.
Given this Flask route, why does it always print Cookie not found even if the user cookie is set?
from flask import Flask, request app = Flask(__name__) @app.route('/check') def check_cookie(): if 'User' in request.cookies: return f"User: {request.cookies['User']}" else: return 'Cookie not found'
Check the case of the cookie key used in the condition and in the return statement.
Cookie keys are case-sensitive. The code checks for 'User' (uppercase) when the cookie is 'user' (lowercase), so the condition fails.
In Flask, if you set a cookie with secure=True, what will happen when the client accesses the site over plain HTTP?
Think about what the Secure flag means for cookies in browsers.
The Secure flag tells browsers to only send the cookie over HTTPS connections. On HTTP, the cookie is not sent.