Fixed Delete API Key When Session Timed Out Returns In Json

Pawn Studios

Active member
Affected version
Delete API Key When Logged Out Returns In Json


If you try to delete an API key after your session times out, it will ask you to re-enter the password for your account. Once you do so it will redirect you and return the response in json format instead of regular web view.

URL: admin.php?api-keys/1/delete&_xfRequestUri=%2Fadmin.php%3Fapi-keys%2F&_xfWithData=1&_xfToken=redacted&_xfResponseType=json

XF Bug Bot

XenForo bug fixer bot
Staff member
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.2.9).

Change log:
Strip AJAX query params from password confirmation redirects
There may be a delay before changes are rolled out to the XenForo Community.