How to fix HTTP only attribute unsecured cookie called Post Edit Revision after user edits MediaWiki article

allows everyone to hide any line in the "Recent Changes" page.
From @jehovahsays
Jump to: navigation, search

I navigated to my includes folder.
I then opened the file named EditPage.php with notepad++
I scrolled down to line 1525 and changed

self::POST_EDIT_COOKIE_DURATION 
           );
	}


into this

self::POST_EDIT_COOKIE_DURATION, [
			'httpOnly' => true,
		] );
	}


I clicked save.
I tested the cookie again and it was secured.

Also to harden your cookie security add these 2 codes to your localsettings.php

$wgCookieHttpOnly = true;
$wgCookieSecure = 'detect';