
Cookie expiration and security in PHP - Cheat Sheet & Quick Revision

Recall & Review
beginner
What does the 'expires' attribute in a cookie do?
The 'expires' attribute sets the date and time when the cookie will be deleted by the browser. After this time, the cookie is no longer sent with requests.
beginner
What is the purpose of the 'Secure' flag in a cookie?
The 'Secure' flag ensures the cookie is only sent over HTTPS connections, protecting it from being sent over unencrypted HTTP.
intermediate
How does the 'HttpOnly' flag improve cookie security?
The 'HttpOnly' flag prevents JavaScript from accessing the cookie, reducing the risk of cross-site scripting (XSS) attacks stealing the cookie.
intermediate
What is the difference between 'expires' and 'max-age' attributes in cookies?
'expires' sets a fixed date/time for cookie expiration, while 'max-age' sets the lifetime in seconds from the current time. 'max-age' is newer and preferred for relative expiration.
intermediate
Why should you set the 'SameSite' attribute on cookies?
The 'SameSite' attribute restricts how cookies are sent with cross-site requests, helping to prevent cross-site request forgery (CSRF) attacks.
Which cookie attribute ensures the cookie is only sent over HTTPS?
A. Secure
B. HttpOnly
C. SameSite
D. Expires
What does the 'HttpOnly' flag prevent?
A. Cross-site request forgery
B. Cookie expiration
C. Sending cookie over HTTP
D. Access to the cookie via JavaScript
If you want a cookie to expire in 1 hour from now, which attribute is best to use?
A. expires with a fixed date 1 hour later
B. max-age set to 3600 seconds
C. HttpOnly
D. Secure
What is the main security benefit of setting 'SameSite' to 'Strict'?
A. Allows cookies to be accessed by JavaScript
B. Makes cookies expire immediately
C. Prevents cookies from being sent with cross-site requests
D. Encrypts the cookie data
Which PHP function is used to set a cookie with expiration and security flags?
A. setcookie()
B. cookie_set()
C. set_cookies()
D. cookie()
Explain how to set a cookie in PHP that expires in 2 hours and is secure and HttpOnly.
Think about the parameters of setcookie() including options array.
Describe why cookie security flags like Secure, HttpOnly, and SameSite are important.
Consider common web security threats related to cookies.