If the Server returns a Set-Cookie header with a cookie value > 4K in length, the linter (severity M) should warn the user that the browser is unlikely to accept the cookie. This should be a line or two of code using the existing lint architecture.