prepare release meta info

[catagits/Catalyst-Plugin-Session.git] / Changes

diff --git a/Changes b/Changes
index 19fa518..7da8859 100644 (file)
--- a/Changes
+++ b/Changes
@@ -1,6 +1,26 @@
 Revision history for Perl extension Catalyst::Plugin::Session
 
-      - Fix t/live_verify_address.t to skip of Catalyst::Plugin::Authentication
+0.41 2018-12-05
+      - Don't let an evil session ID supplier have an easy XSS vector (Michael McClimon++)
+
+0.40 2015-01-26
+      - Add a flag so that a storage can finalize during finalize_header rather
+      than finalize_body.  This is to enable storages that need to write to the
+      HTTP header (such as the cookie based store).
+
+0.39 2013-10-16
+      - Fixed a bug when "expiry_threshold" is non-zero, where changes to the
+      session were not saved.
+
+0.38 2013-09-18
+      - New feature: "expiry_threshold" which allows you more control over when
+      this plugin checks and updates the expiration date for the session.
+      This is useful when you have high traffic and need to reduce the number
+      of session expiration hits (like if you are using a database for sessions
+      and your db is getting pounded).
+
+0.37 2013-02-25
+      - Fix t/live_verify_address.t to skip if Catalyst::Plugin::Authentication
         is not installed, fixing RT#81506.
 
 0.36 2012-10-19