refactor: HTTP checker 质量加固

- failure actual 截断格式改为 …(共 N 字符)，标量不序列化直接返回
- 新增 redos.ts 实现 ReDoS 静态检测（嵌套量词/重叠交替），启动期拒绝危险正则
- JSON body rules 共享同一次 JSON.parse 结果，避免重复解析
- checkCssRule 重构为线性流程，消除 exist:true 与无 operator 的冗余分支
- extract checkEarlyTimeout 辅助函数，明确提前 duration 检查意图
- 补充 303/307/308 重定向、相对路径 Location、混合 body rules 集成测试

tests/server/checker/runner/shared/body.test.ts

@@ -130,6 +130,28 @@ describe("checkBodyExpect (BodyRule[])", () => {
     expect(r.failure).toBeNull();
   });
 
+  test("多条 json 规则共享解析结果且全部通过", () => {
+    const body = JSON.stringify({ count: 5, status: "healthy" });
+    const originalParse = JSON.parse;
+    let parseCount = 0;
+    JSON.parse = ((text, reviver) => {
+      parseCount++;
+      return originalParse(text, reviver) as unknown;
+    }) as typeof JSON.parse;
+
+    try {
+      const r = checkBodyExpect(body, [
+        { json: { equals: "healthy", path: "$.status" } },
+        { json: { gte: 1, path: "$.count" } },
+      ]);
+      expect(r.matched).toBe(true);
+      expect(r.failure).toBeNull();
+      expect(parseCount).toBe(1);
+    } finally {
+      JSON.parse = originalParse;
+    }
+  });
+
   test("第二条规则失败返回正确索引", () => {
     const body = JSON.stringify({ status: "ok" });
     const r = checkBodyExpect(body, [{ contains: "ok" }, { json: { equals: "error", path: "$.status" } }]);