Bird
0
0

You wrote this code to add a security header but it does not appear in responses:

medium📝 Debug Q6 of 15
Flask - Security Best Practices
You wrote this code to add a security header but it does not appear in responses:
@app.after_request
def add_header(response):
    response.headers.add('X-Content-Type-Options', 'nosniff')
    return response

What is the issue?
AYou must call response.commit() to save headers
BThe header name is incorrect
CThe function should be named 'before_request'
DThe method 'add' does not exist on response.headers; use assignment instead
Step-by-Step Solution
Solution:

  1. Step 1: Check response.headers API

    response.headers is a dictionary-like object; it does not have an 'add' method.

  2. Step 2: Correct way to set header

    Use assignment: response.headers['X-Content-Type-Options'] = 'nosniff'.

  3. Final Answer:

    The method 'add' does not exist on response.headers; use assignment instead -> Option D

  4. Quick Check:

    Set headers by assignment, not add() method [OK]
Quick Trick: Use response.headers['key'] = 'value', not add() [OK]
Common Mistakes:
MISTAKES
  • Using add() method
  • Wrong header name
  • Misusing before_request instead of after_request

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Flask Quizzes
Background Tasks - Task status monitoring - Quiz 13medium Background Tasks - Celery integration overview - Quiz 13medium Deployment - Why production setup matters - Quiz 5medium Deployment - WSGI servers (Gunicorn, uWSGI) - Quiz 14medium Performance Optimization - Why performance matters - Quiz 2easy Performance Optimization - Connection pooling - Quiz 15hard Security Best Practices - CSRF protection - Quiz 5medium Security Best Practices - Why security is critical - Quiz 10hard WebSocket and Real-Time - WebSocket events handling - Quiz 7medium WebSocket and Real-Time - Broadcasting to clients - Quiz 7medium