Add RFC 6265bis cookie checks: name prefixes and per-cookie size

2026-04-27 10:05:45 +07:00 · 2026-04-27 10:05:45 +07:00 · 2250902a94
commit 2250902a94
parent 01bdadd2ab
4 changed files with 329 additions and 3 deletions
--- a/checker/collect.go
+++ b/checker/collect.go
@ -290,8 +290,12 @@ func runProbe(ctx context.Context, host, ip, scheme string, port uint16, timeout
 		probe.Headers[lk] = strings.Join(v, ", ")
 	}

-	for _, c := range resp.Cookies() {
-		probe.Cookies = append(probe.Cookies, CookieInfo{
+	// resp.Cookies() and resp.Header.Values("Set-Cookie") yield entries
+	// in the same order, so we can pair them positionally to recover the
+	// raw byte length of each Set-Cookie line for the size rule.
+	rawSetCookies := resp.Header.Values("Set-Cookie")
+	for i, c := range resp.Cookies() {
+		ci := CookieInfo{
 			Name:      c.Name,
 			Domain:    c.Domain,
 			Path:      c.Path,
@ -299,7 +303,11 @@ func runProbe(ctx context.Context, host, ip, scheme string, port uint16, timeout
 			HttpOnly:  c.HttpOnly,
 			SameSite:  sameSiteString(c.SameSite),
 			HasExpiry: !c.Expires.IsZero() || c.MaxAge > 0,
-		})
+		}
+		if i < len(rawSetCookies) {
+			ci.Size = len(rawSetCookies[i])
+		}
+		probe.Cookies = append(probe.Cookies, ci)
 	}
 	probe.RedirectChain = redirectChain