Add RFC 6265bis cookie checks: name prefixes and per-cookie size

nemunaire 2026-04-27 10:05:45 +07:00
commit 2250902a94
4 changed files with 329 additions and 3 deletions


@ -104,8 +104,18 @@ type CookieInfo struct {
HttpOnly bool `json:"http_only"`
SameSite string `json:"same_site,omitempty"` // "Strict", "Lax", "None", or ""
HasExpiry bool `json:"has_expiry,omitempty"`
// Size is the byte length of the raw Set-Cookie header value
// (everything after "Set-Cookie: "), used to evaluate the
// per-cookie 4096-byte budget RFC 6265 §6.1 says browsers SHOULD
// support.
Size int `json:"size,omitempty"`
}
// MaxCookieSize is the per-cookie size browsers are required to
// support per RFC 6265 §6.1. Cookies above this are likely to be
// silently dropped by some user agents.
const MaxCookieSize = 4096
// HTMLResource is a <script src=...> or <link href=...> reference extracted
// from the HTML body, used to evaluate Subresource Integrity coverage.
type HTMLResource struct {
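Review bot: The two added comments disagree about how binding the 4096-byte limit is: the one on `Size` says RFC 6265 §6.1 says browsers SHOULD support it, while the one on `MaxCookieSize` says browsers "are required to" support it. §6.1 states a SHOULD-level minimum, so the constant's comment would be more accurate as `// MaxCookieSize is the per-cookie size RFC 6265 §6.1 says user agents SHOULD support.` Separately, the commit title cites RFC 6265bis, where (as far as I recall the draft) the 4096-octet cap applies to name plus value and attribute values are limited on their own, whereas `Size` counts the whole header value. Since the comparison that consumes `Size` is outside this hunk, the `Size` comment should say that the whole-header length is a deliberate conservative approximation, so a reader knows a flagged cookie may still be accepted by a 6265bis-conformant browser.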