= Improvements

* Rodauth now supports Roda's plain_hash_response_headers plugin on
  Rack 3+, by using lowercase response header keys, instead of
  relying on Roda's default conversion of response header keys to
  lowercase.

* When setting login_return_to_requested_location? to true, by
  default, Rodauth will no longer return to the requested location if
  it is more than 2048 bytes in size.  This is to avoid exceeding the
  4K cookie size limit.  You can modify this limit using the new
  login_return_to_requested_location_max_path_size configuration
  method.

* Rodauth now uses JSON.generate instead of JSON.fast_generate to
  avoid a deprecation warning in recent json gem versions.

* Rodauth now uses allowed_origins instead of origin when using
  WebAuthn 3.4+ to avoid a deprecation warning.
