Servo-replacement runtime for Tauri: wires html-cat, css-cat, dom-cat, layout-cat, paint-cat, net-cat, boa-cat, ecma-runtime-cat, and web-api-cat into a single rendering + scripting pipeline. v3.5.0 honours `Secure=` on outbound `Cookie:` headers per RFC 6265: a cookie marked `Secure` is sent only on `https://` requests. `cookie_header_value` takes a `request_scheme` argument; `try_http_url` passes `"http"`, so `Secure` cookies are filtered out of every outbound header until net-cat grows TLS support and an `https://` path lands. `HttpOnly` still waits on web-api-cat exposing `document.cookie` to JS. The Servo no-AI policy disqualifies upstream contribution; this is the AI-built parallel.