How to fix HTTP only attribute unsecured cookie called Post Edit Revision after user edits MediaWiki article

allows everyone to hide any line in the "Recent Changes" page.
From @jehovahsays
Jump to: navigation, search

I navigated to my includes folder.
I then opened the file named EditPage.php with notepad++
I scrolled down to line 1525 and changed


into this

			'httpOnly' => true,
		] );

I clicked save.
I tested the cookie again and it was secured.

Also to harden your cookie security add these 2 codes to your localsettings.php

$wgCookieHttpOnly = true;
$wgCookieSecure = 'detect';