-
Notifications
You must be signed in to change notification settings - Fork 6
/
Changes
75 lines (44 loc) · 1.64 KB
/
Changes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
Revision history for Perl extension HTTP-Session2
{{$NEXT}}
1.06 2014-08-01T14:00:33Z
[BUG FIX]
- Random string generator doesn't works if /dev/urandom is not available.
This issue was introduced at 1.02.
1.05 2014-08-01T11:20:13Z
- Show warnings if the secret string is too short.
1.04 2014-08-01T11:09:52Z
- Documentation updated.
1.03 2014-08-01T11:03:19Z
- Added HTTP::Session2::ClientStore2
1.02 2014-07-31T21:14:50Z
- Better session id generation using /dev/urandom.
1.01 2014-07-28T11:43:10Z
- Revert HMAC strategy...
It breaks our code...
1.00 2014-07-28T04:09:47Z
[INCOMPATIBLE CHANGE]
- I changed HMAC strategy on ServerSide mode.
Previous version uses
hmac_hex(data: $session_id, key: $secret)
New version is:
hmac_hex(data: $secret, key: $session)
This version is even secure. But, it's not a critical issue.
I think this change won't break your code.
0.05 2014-03-18T18:52:37Z
- use Cookie::Baker for generating cookie string for Plack response object.
Because the document says HTTP::Session supports Cookie::Baker's expiration format like "-1d".
But it's not supported in previous version!!
https://github.com/tokuhirom/HTTP-Session2/pull/1
(magai)
0.04 2013-11-01T01:00:09Z
- Revert validate_empty_session flag introduced at 0.03.
(tokuhirom)
0.03 2013-10-31T01:19:19Z
- Validate empty session option for P3P cookies.
(tokuhirom)
- Non callback style storage settings.
(tokuhirom)
0.02 2013-10-30T00:16:10Z
- Documentation fix
0.01 2013-10-28T03:18:35Z
- original version