# This file documents the revision history for Perl extension Catalyst::Plugin::CSRFToken.

1.001 - 2025-03-09
  - Back compatibility warning: The previous version has been buggy
    for quite a while due to errors I made in version 0.001 and I've
    tried to fix these over the past few years with only part success.
    Additionally some of its comparison code is not up to modern
    cryptographic standards. As a result the guts are now substantially changed.
    I did my best to be compatible in terms of the public API. This works
    for all my existing code but please shout out if you run into issues.
    FWIW I believe you should upgrade as I consider previous versions
    insecure and I will be removing them from CPAN in the future.

0.008 - 2024-10-27
  - Force session id to exist if one doesn't already.

0.007 - 2023-05-15
  - fixed bad metadata in previous release

0.006 - 2023-05-15
  - support looking in body_data for the token when the POST body
  isn't classic HTML form data.

0.005 - 2023-05-14
  - new ease of use methods

0.004 - 2023-05-14
  - changed when we perform the automatic token validation to better allow
  for one to override how error messages are sent to the browser
  - Changed the default error message to specify that the error is a bad token
  and sets the code to 403: forbidden.

0.003 - 2022-05-10
  - Added some extra utility methods and overall better docs
  - Added ability to create single use tokens.

0.002 - 2002-05-09
  - Added missing dependency to dist.ini

0.001 - 2022-05-07
  - Initial release
  - For Mom on Mother's Day