{
    "description": {
        "description": "Metadata description",
        "message": "This hint validates the `set-cookie` header and confirms that it is sent with `Secure` and `HttpOnly` directive over HTTPS."
    },
    "duplicatedDirective": {
        "description": "Report message when the header contains duplicated directives",
        "message": "A 'set-cookie' header contains duplicate directives."
    },
    "hasDomainHostPrefix": {
        "description": "Report message when the header contains prefix but the domain directive is set",
        "message": "A 'set-cookie' header contains '__Host-' prefix but the 'domain' directive is set."
    },
    "hasPrefixHttp": {
        "description": "Report message when the header contains prefixes from an insecure page",
        "message": "A 'set-cookie' header contains prefixes but is from an insecure page."
    },
    "hasSecureHttp": {
        "description": "Report message when the cookies have the 'secure' directive, but the site is insecure",
        "message": "Insecure sites can't set cookies with the 'secure' directive."
    },
    "invalidDate": {
        "description": "Report message when the cookie have an invalid 'expires' date",
        "message": "A 'set-cookie' has an invalid 'expires' date."
    },
    "invalidDateFormat": {
        "description": "Report message when the cookie have an invalid 'expires' date format",
        "message": "A 'set-cookie' has an invalid 'expires' date format. The recommended format is: $1"
    },
    "invalidName": {
        "description": "Report message when the header contains an invalid cookie name",
        "message": "A 'set-cookie' header has an invalid cookie name."
    },
    "invalidValue": {
        "description": "Report message when the header has an invalid cookie value",
        "message": "A 'set-cookie' header has an invalid cookie value."
    },
    "maxAgeAndExpireDuplicate": {
        "description": "Report message when 'max-age' and 'expires' exists in a cookie",
        "message": "The 'max-age' attribute takes precedence when both 'expires' and 'max-age' both exist."
    },
    "maxAgeCompatibility": {
        "description": "Report message when max-age is not supported by a target browser",
        "message": "Internet Explorer (IE 6, IE 7, and IE 8) doesn't support 'max-age' directive in the 'set-cookie' header."
    },
    "name": {
        "description": "Metadata name",
        "message": "Valid `Set-Cookie` header"
    },
    "noHttpOnly": {
        "description": "Report message when the cookie doesn't have the 'httponly' directive",
        "message": "A 'set-cookie' header doesn't have the 'httponly' directive."
    },
    "noNameValueString": {
        "description": "Report message when the header doesn't contain a cookie name-value string",
        "message": "A 'set-cookie' header doesn't contain a cookie name-value string."
    },
    "noPathHasHostPrefix": {
        "description": "Report message when the header contains prefix but not the right value for path",
        "message": "A 'set-cookie' header contains '__Host-' prefix but the 'path' directive doesn't have a value of '/'."
    },
    "noSecure": {
        "description": "Report message when a cookie doesn't have the 'secure' directive",
        "message": "A 'set-cookie' header doesn't have the 'secure' directive."
    },
    "noTrilingSemicolon": {
        "description": "Report message when the header to set a cookie has a trailing ';'",
        "message": "A 'set-cookie' header has a trailing ';'."
    },
    "unknownAttribute": {
        "description": "Report message when the header contains an unknown attribute",
        "message": "A 'set-cookie' header contains unknown attribute '$1'."
    }
}
