Instructions: these are modified versus prior instructions
Question. Assume that a Web developer creates a correct (bug-free) Web site, that the site is served only via HTTPS, and that the end-user can be expected to check the site's certificates. Furthermore, the Web developer correctly marks all cookies as "Secure." In this situation, does ForceHTTPS provide a benefit? If no, explain why. If yes, explain what attacks and misbehaviors ForceHTTPS defends against.