medium📝 Debug Q7 of 15
Flask - Security Best Practices
This Flask code snippet causes session data to be lost unexpectedly:
app.config['SESSION_COOKIE_HTTPONLY'] = False
app.config['SECRET_KEY'] = 'topsecret'

What is the likely cause?
A. SESSION_COOKIE_HTTPONLY=False allows JavaScript to modify cookies, causing loss
B. SECRET_KEY is too short and invalid
C. SESSION_COOKIE_HTTPONLY must be True to enable sessions
D. Missing SESSION_COOKIE_SECURE causes session loss
Step-by-Step Solution
Solution:
  1. Step 1: Understand HTTPONLY flag effect

    Setting HTTPONLY to False allows JavaScript to access and possibly modify cookies.
  2. Step 2: Link to session loss

    Malicious or buggy scripts can alter session cookies, causing unexpected session loss.
  3. Final Answer:

    SESSION_COOKIE_HTTPONLY=False allows JavaScript to modify cookies, causing loss -> Option A
  4. Quick Check:

    HTTPONLY=False risks cookie tampering [OK]
Quick Trick: Keep HTTPONLY=True to protect session cookies from JS [OK]
Common Mistakes:
  • Thinking SECRET_KEY length causes loss
  • Believing HTTPONLY enables sessions
  • Assuming SECURE flag causes loss
