Revision history for Perl extension HTTP-Session2 1.10 2018-01-26T05:01:07Z - Validate session ID 1.09 2014-09-01T02:22:09Z - Catch the exception thrown from deserializer. (songmu++) 1.08 2014-08-03T07:21:44Z [INCOMPATIBLE CHANGE] - ClientStore2: Encrypt sig, too. This change is not compatible with previous version. 1.07 2014-08-01T14:06:49Z [BROKEN. YOU SHOULDN't USE THIS VERSION] - Fixed deps 1.06 2014-08-01T14:00:33Z [BROKEN. YOU SHOULDN't USE THIS VERSION] [BUG FIX] - Random string generator doesn't works if /dev/urandom is not available. This issue was introduced at 1.02. 1.05 2014-08-01T11:20:13Z [BROKEN. YOU SHOULDN't USE THIS VERSION] - Show warnings if the secret string is too short. 1.04 2014-08-01T11:09:52Z [BROKEN. YOU SHOULDN't USE THIS VERSION] - Documentation updated. 1.03 2014-08-01T11:03:19Z [BROKEN. YOU SHOULDN't USE THIS VERSION] - Added HTTP::Session2::ClientStore2 1.02 2014-07-31T21:14:50Z - Better session id generation using /dev/urandom. 1.01 2014-07-28T11:43:10Z - Revert HMAC strategy... It breaks our code... 1.00 2014-07-28T04:09:47Z [INCOMPATIBLE CHANGE] - I changed HMAC strategy on ServerSide mode. Previous version uses hmac_hex(data: $session_id, key: $secret) New version is: hmac_hex(data: $secret, key: $session) This version is even secure. But, it's not a critical issue. I think this change won't break your code. 0.05 2014-03-18T18:52:37Z - use Cookie::Baker for generating cookie string for Plack response object. Because the document says HTTP::Session supports Cookie::Baker's expiration format like "-1d". But it's not supported in previous version!! https://github.com/tokuhirom/HTTP-Session2/pull/1 (magai) 0.04 2013-11-01T01:00:09Z - Revert validate_empty_session flag introduced at 0.03. (tokuhirom) 0.03 2013-10-31T01:19:19Z - Validate empty session option for P3P cookies. (tokuhirom) - Non callback style storage settings. (tokuhirom) 0.02 2013-10-30T00:16:10Z - Documentation fix 0.01 2013-10-28T03:18:35Z - original version