
Why security is critical in Flask - Test Your Understanding

Practice - 5 Tasks
Answer the questions below
1. Fill in blank (easy)

Complete the code to import the Flask class.

Flask
from flask import [1]
app = [1](__name__)
A. render_template
B. Request
C. Flask
D. redirect
Common Mistakes
Importing Request instead of Flask
Using render_template in place of Flask
2. Fill in blank (medium)

Complete the code to define a route for the home page.

Flask
@app.route('[1]')
def home():
    return 'Welcome to the secure app!'
A. /
B. /home
C. /index.html
D. /main
Common Mistakes
Using '/home' instead of '/'
Using file names like '/index.html'
3. Fill in blank (hard)

Fix the error in the code to run the Flask app securely.

Flask
if __name__ == '__main__':
    app.run(debug=[1])
A. True
B. None
C. 0
D. False
Common Mistakes
Leaving debug=True in production
Using None or 0 instead of False
4. Fill in blank (hard)

Fill both blanks to protect against Cross-Site Request Forgery (CSRF).

Flask
from flask_wtf import [1]
app.config['SECRET_KEY'] = '[2]'
A. CSRFProtect
B. FlaskForm
C. hard-to-guess-secret-key
D. SESSION_COOKIE_SECURE
Common Mistakes
Using FlaskForm instead of CSRFProtect for protection
Misconfiguring SECRET_KEY
5. Fill in blank (hard)

Fill all three blanks to safely handle user input in a Flask route.

Flask
from flask import request
from markupsafe import escape  # flask.escape was removed in Flask 2.3

@app.route('/submit', methods=['POST'])
def submit():
    user_input = request.[1].get('[2]')
    safe_input = [3](user_input)
    return f'You entered: {safe_input}'
A. form
B. args
C. escape
D. username
Common Mistakes
Using request.args for POST data
Not escaping user input