Jump to content

Topic on Manual talk:$wgCookiePrefix

Having the default cookie prefix being the database name is bonkers!!

4
Bldcaveman (talkcontribs)

That's like putting half your pin number on your face - or making it your email address

Bldcaveman (talkcontribs)

Okay - it's not like it's super easy from there but it shouldn't be there really.

Ciencia Al Poder (talkcontribs)

There's no reason it can be any security treat. Please stop freaking about this or demonstrate how it can be harmful.

Stefahn (talkcontribs)

I just came across this and don't understand why it defaults to the database name, too. On some hosts you can derive the ssh/ftp username from the datebase name. Thus, in my opinion, it would be better to default the name to the sitename for example. What do you think?

Reply to "Having the default cookie prefix being the database name is bonkers!!"