diff --git a/django/contrib/sessions/tests.py b/django/contrib/sessions/tests.py
index 8cda7ea05b4..8d63aaa989e 100644
--- a/django/contrib/sessions/tests.py
+++ b/django/contrib/sessions/tests.py
@@ -24,6 +24,7 @@ from django.test import TestCase, RequestFactory, override_settings
 from django.test.utils import patch_logger
 from django.utils import six
 from django.utils import timezone
+from django.utils.six.moves import http_cookies
 
 from django.contrib.sessions.exceptions import InvalidSessionKey
 
@@ -532,7 +533,7 @@ class SessionMiddlewareTests(unittest.TestCase):
         response = middleware.process_response(request, response)
         self.assertTrue(
             response.cookies[settings.SESSION_COOKIE_NAME]['httponly'])
-        self.assertIn('httponly',
+        self.assertIn(http_cookies.Morsel._reserved['httponly'],
             str(response.cookies[settings.SESSION_COOKIE_NAME]))
 
     @override_settings(SESSION_COOKIE_HTTPONLY=False)
@@ -549,7 +550,7 @@ class SessionMiddlewareTests(unittest.TestCase):
         response = middleware.process_response(request, response)
         self.assertFalse(response.cookies[settings.SESSION_COOKIE_NAME]['httponly'])
 
-        self.assertNotIn('httponly',
+        self.assertNotIn(http_cookies.Morsel._reserved['httponly'],
                          str(response.cookies[settings.SESSION_COOKIE_NAME]))
 
     def test_session_save_on_500(self):
diff --git a/tests/requests/tests.py b/tests/requests/tests.py
index 274fcf5a8c3..55b37bbbf00 100644
--- a/tests/requests/tests.py
+++ b/tests/requests/tests.py
@@ -18,6 +18,7 @@ from django.test.client import FakePayload
 from django.test.utils import str_prefix
 from django.utils import six
 from django.utils.http import cookie_date, urlencode
+from django.utils.six.moves import http_cookies
 from django.utils.six.moves.urllib.parse import urlencode as original_urlencode
 from django.utils.timezone import utc
 
@@ -186,7 +187,7 @@ class RequestsTests(SimpleTestCase):
         example_cookie = response.cookies['example']
         # A compat cookie may be in use -- check that it has worked
         # both as an output string, and using the cookie attributes
-        self.assertTrue('; httponly' in str(example_cookie))
+        self.assertIn('; %s' % http_cookies.Morsel._reserved['httponly'], str(example_cookie))
         self.assertTrue(example_cookie['httponly'])
 
     def test_limited_stream(self):