diff --git a/CHANGELOG.md b/CHANGELOG.md
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,13 @@
 # Change Log
 
 ## [HEAD]
+## [0.6.0.2] - 2018-01-13
+### Added
+- `CookiedWrapperClass` supports `MonadIO`- and `MonadThrow`-constrained monads.
+### Changed
+- Fixed dependencies' bounds.
+- `AuthCookieExceptionHandler` requires type of underlying monad as parameter.
+
 ## [0.6.0.1] - 2017-12-29
 ### Changed
 - Fixed module `tests/Utils` export.
@@ -163,7 +170,8 @@
 - Initial version of the package.
 
 
-[HEAD]:    ../../compare/v0.6.0.1...HEAD
+[HEAD]:    ../../compare/v0.6.0.2...HEAD
+[0.6.0.2]: ../../compare/v0.6.0.1...v0.6.0.2
 [0.6.0.1]: ../../compare/v0.6.0...v0.6.0.1
 [0.6.0]:   ../../compare/v0.5.0.7...v0.6.0
 [0.5.0.7]: ../../compare/v0.5.0.6...v0.5.0.7
diff --git a/example/AuthAPI.hs b/example/AuthAPI.hs
--- a/example/AuthAPI.hs
+++ b/example/AuthAPI.hs
@@ -232,7 +232,7 @@
     mwm <- getHeaderSession settings sks h `catch` handleEx
     return $ whoamiPage $ epwSession <$> mwm
     where
-      handleEx :: AuthCookieExceptionHandler
+      handleEx :: AuthCookieExceptionHandler Handler
       handleEx _ex = return Nothing
 #else
   servePrivate = servePrivate' . epwSession
@@ -265,7 +265,7 @@
     (throwError err403 {errBody = "No cookies"})
     (return)
   where
-    handleEx :: AuthCookieExceptionHandler
+    handleEx :: AuthCookieExceptionHandler Handler
     handleEx ex = throwError err403 {errBody = fromStrict . BSC8.pack $ show ex}
 
 -- | Authentication settings.
diff --git a/servant-auth-cookie.cabal b/servant-auth-cookie.cabal
--- a/servant-auth-cookie.cabal
+++ b/servant-auth-cookie.cabal
@@ -1,5 +1,5 @@
 name:                servant-auth-cookie
-version:             0.6.0.1
+version:             0.6.0.2
 synopsis:            Authentication via encrypted cookies
 description:         Authentication via encrypted client-side cookies,
                      inspired by client-session library by Michael Snoyman and based on
@@ -236,7 +236,7 @@
 
   build-depends: base           >= 4.7     && < 5.0
                , bytestring
-               , criterion      >= 0.6.2.1 && < 1.3
+               , criterion      >= 0.6.2.1 && < 1.4
                , cryptonite     >= 0.14    && < 0.25
                , servant-auth-cookie
                , servant-server >= 0.5     && < 0.13
diff --git a/src/Servant/Server/Experimental/Auth/Cookie.hs b/src/Servant/Server/Experimental/Auth/Cookie.hs
--- a/src/Servant/Server/Experimental/Auth/Cookie.hs
+++ b/src/Servant/Server/Experimental/Auth/Cookie.hs
@@ -154,10 +154,6 @@
 import Control.Applicative
 #endif
 
-#if MIN_VERSION_servant(0,7,0)
-import Servant.Server (Handler)
-#endif
-
 #if MIN_VERSION_servant(0,9,0)
 import Servant (ToHttpApiData (..))
 import Data.Text (Text)
@@ -175,11 +171,6 @@
 import Network.HTTP.Types.Header (hSetCookie)
 #endif
 
-#if MIN_VERSION_servant(0,7,0)
-#else
-type Handler = ExceptT ServantErr IO
-#endif
-
 #if MIN_VERSION_http_types(0,10,0)
 #else
 hSetCookie :: HeaderName
@@ -778,8 +769,8 @@
     -> r                                              -- ^ Wrapped function
 
 -- When no arguments left: add session header to result.
-instance (Serialize c)
-         => CookiedWrapperClass (Handler b) (Handler (Cookied b)) c where
+instance (Serialize c, MonadIO m, MonadThrow m)
+         => CookiedWrapperClass (m b) (m (Cookied b)) c where
   wrapCookied _               Nothing                    = fmap noHeader
   wrapCookied (acs, rs, k, _) (Just PayloadWrapper {..}) = (>>= addSession acs rs k pwSettings pwSession)
 
@@ -805,7 +796,7 @@
 -- Default auth handler
 
 -- | Type for exception handler.
-type AuthCookieExceptionHandler = forall a. AuthCookieException -> Handler (Maybe (ExtendedPayloadWrapper a))
+type AuthCookieExceptionHandler m = forall a. AuthCookieException -> m (Maybe (ExtendedPayloadWrapper a))
 
 -- | Type for cookied handler.
 type AuthCookieHandler a
