Previously, it was possible to access the api via urls like:
(Plus some POST data)
Due to a security issue in certain browsers, we are no longer allowing
any text to be between "api.php" and the ?. If anything is there you
will get a 301 redirect to the url with the extraneous text removed.
Hopefully this doesn't cause any inconvenience to anyone.