--- AnyEvent-HTTP/Changes	2018/08/30 00:08:16	1.90
+++ AnyEvent-HTTP/Changes	2018/09/10 07:03:12	1.95
@@ -16,14 +16,24 @@
 
 TODO: look into http 0.9 support (Kostirya <kostirya@gmail.com>)
 TODO: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&%23038;d=PG01&%23038;p=1&%23038;u=/netahtml/PTO/srchnum.html&%23038;r=1&%23038;f=G&%23038;l=50&%23038;s1="20110298798".PGNR.&%23038;OS=DN/20110298798&%23038;RS=DN/20110298798
+TODO: cookie_jar_extract should refuse when host is an ip literal
+TODO: cookie_jar_et_cookie should reject cookies not matching their down server domain
+TODO: cookie prefixes? https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00
 
-2.25
+	- the sessionid parameter was documented as session in random
+          places - fix docs and keep using sessionid in the code as before.
+	- fix cookie format documentation.
+
+2.24 Thu Aug 30 03:23:03 CEST 2018
+	- bring cookie management more in line with RFC 6265; implement idn
+          matching for cookie domains.
+        - update cookie_jar version to 2, invalidate existing cookie jars.
+        - preserve original cookie domain attribute.
+        - also expire old cookie jars in cookie parser, just in case.
 	- further improve relative redirection code.
         - comment out code that tried to detect possible bugs with persistent
           connection caching, but since it never triggered, it's probably
           working fine :)
-
-2.24
 	- do not call on_body callback on a response that AE::HTTP will recurse
           on internally (reported by Антон Онуфриев and Ruslan Zakirov).