From 5d9818b5e046da6f2be545be0fbbe1457cf4708b Mon Sep 17 00:00:00 2001
From: "Edward Z. Yang" <edwardzyang@thewritingpot.com>
Date: Sun, 2 Nov 2008 03:39:10 -0500
Subject: [PATCH] Release 1.0.1.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
---
 NEWS.txt       | 28 ++++++++++++++++++++++++++++
 csrf-magic.php |  2 +-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 NEWS.txt

diff --git a/NEWS.txt b/NEWS.txt
new file mode 100644
index 0000000..de3b081
--- /dev/null
+++ b/NEWS.txt
@@ -0,0 +1,28 @@
+
+                            [[     news     ]]
+
+1.0.1 released 2008-11-02
+
+ [NEW FEATURES]
+
+    - Support for composite tokens; this also fixes a bug with using
+      IP-based tokens for users with cookies disabled.
+
+    - Native support cookie tokens; use csrf_conf('cookie', $name) to
+      specify the name of a cookie that the CSRF token should be
+      placed in.  This is useful if you have a Squid cache, and need
+      to configure it to ignore this token.
+
+    - Tips/tricks section in README.txt.
+
+    - There is now a two hour expiration time on all tokens.  This
+      can be modified using csrf_conf('expires', $seconds).
+
+    - ClickJacking protection using an iframe breaker.  Disable with
+      csrf_conf('frame-breaker', false).
+
+ [BUG FIXES]
+
+    - CsrfMagic.send() incorrectly submitted GET requests twice,
+      once without the magic token and once with the token.  Reported
+      by Kelly Lu <lubird@gmail.com>.
diff --git a/csrf-magic.php b/csrf-magic.php
index 4cb7848..91f6242 100644
--- a/csrf-magic.php
+++ b/csrf-magic.php
@@ -129,7 +129,7 @@ $GLOBALS['csrf']['xhtml'] = true;
 // FUNCTIONS:
 
 // Don't edit this!
-$GLOBALS['csrf']['version'] = '1.0.0';
+$GLOBALS['csrf']['version'] = '1.0.1';
 
 /**
  * Rewrites <form> on the fly to add CSRF tokens to them. This can also
-- 
2.11.4.GIT