Releases: Riimu/Kit-CSRF

Version 2.4.0

22 Aug 06:13
  • Various methods will now throw a TokenStorageException if the secret
    token cannot be appropriately stored or loaded.
  • Some documentation has been clarified and tests have been improved to better
    cover different use cases.

Version 2.3.0

15 Mar 14:00
  • Added SingleToken class, which allows lazy loading of the token and
    generating only one token per request.

Version 2.2.1

06 Feb 20:12
  • Implement the missing NonceValidator::getNonceCount() method.

Version 2.2.0

04 Feb 12:49
  • Token length is now stored in a constant CSRFHandler::TOKEN_LENGTH instead
    of a protected member, as it should have been from the start.
  • Use HMAC-SHA256 for generating the encrypted token instead of XOR cipher.
  • CookieStorage now allows secure and httpOnly parameters in the constructor,
    which default to false and true, respectively.
  • Added NonceValidator class for using nonce tokens.

Version 2.1.0

01 Feb 13:54
  • Improvements in code quality and documentation.
  • The library now prefers hash_equals for constant-time string comparison on
    PHP version 5.6 and later.
  • Added CSRFHandler::isValidatedRequest() to tell if the CSRF token should
    be validated according to the current request method.
  • Added CSRFHandler::validateRequestToken() to validate the token sent in the
    request.
  • Changed CSRFHandler::getRequestToken() to public from protected.
  • CSRFHandler now calls protected method killScript() internally when killing
    the script via validateRequest().
  • The SecureRandom library is now only loaded when needed.
  • InvalidCSRFTokenException now extends UnexpectedValueException.
  • CSRFHandler::regenerateToken() now prevents the new token from being the
    same as the previous one (should the astronomically unlikely event occur).