if cookie_params
            vulns.concat(
              case cookie_params
              when true
                scan_cookie_params(url, http: http, **kwargs,&block)