Last modified: 2010-05-15 15:54:45 UTC
Currently $wgCookiePrefix is assigned in Setup.php. It is some variant of the DB name. On a shared hosted server the DB name itself can not be set but is a random string like "db12345678". Whether divulging this info represents even a negligible security threat is unknown. I would like $wgCookiePrefix to be user settable. My suggestion: In DefaultSettings.php put $wgCookiePrefix=false; In Setup.php put if ( $wgCookiePrefix ) {} elseif ...
Done in r37893