Bird
0
0

Why does this code fail to set a secure cookie?

medium📝 Debug Q7 of 15
PHP - Sessions and Cookies
Why does this code fail to set a secure cookie?
setcookie('auth', 'token', time() + 3600, '/', '', false, true);
APath parameter is empty string
BSecure flag is set to false, so cookie is sent over HTTP
CExpires time is in the past
DCookie name is invalid
Step-by-Step Solution
Solution:

  1. Step 1: Understand the secure flag meaning

    The secure flag must be true to send cookie only over HTTPS connections.

  2. Step 2: Check the secure flag value in code

    It is set to false, so cookie can be sent over insecure HTTP, failing secure cookie requirement.

  3. Final Answer:

    Secure flag is set to false, so cookie is sent over HTTP -> Option B

  4. Quick Check:

    Secure flag false = no HTTPS-only cookie [OK]
Quick Trick: Set secure flag true for HTTPS-only cookies [OK]
Common Mistakes:
  • Assuming empty path disables security
  • Confusing secure with httponly flags
  • Not setting secure flag on HTTPS sites

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More PHP Quizzes
Array Functions - Array chunk and pad - Quiz 2easy Classes and Objects - Static properties and methods - Quiz 10hard Error and Exception Handling - Custom exception classes - Quiz 10hard Error and Exception Handling - Why error handling matters - Quiz 2easy File Handling - JSON encoding and decoding - Quiz 7medium File Handling - File open modes - Quiz 13medium File Handling - File open modes - Quiz 15hard Inheritance and Polymorphism - Instanceof operator - Quiz 13medium Interfaces and Traits - Why traits are needed - Quiz 9hard String Functions - Implode and join - Quiz 8hard