diff --git a/CHANGELOG b/CHANGELOG index 22277ff..d76da05 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,8 @@ Revision history for Lutim 0.14.0 ????-??-?? + - ⬆️ Update dependencies + - 💥 BREAKING CHANGE: Use `?_format=json` instead of `?format=json` 0.13.0 2023-04-26 - 💄 — Add Korrigan theme (Nicolas Frandeboeuf) diff --git a/cpanfile b/cpanfile index 6c748c1..c16ca2a 100644 --- a/cpanfile +++ b/cpanfile @@ -15,6 +15,7 @@ requires 'Filesys::DiskUsage'; requires 'Switch'; requires 'Crypt::CBC'; requires 'Crypt::Blowfish'; +requires 'Digest::MD5'; requires 'Locale::Maketext'; requires 'Locale::Maketext::Extract'; requires 'File::MimeInfo'; diff --git a/cpanfile.snapshot b/cpanfile.snapshot index 6b1f102..c88d038 100644 --- a/cpanfile.snapshot +++ b/cpanfile.snapshot @@ -3875,7 +3875,6 @@ DISTRIBUTIONS requirements: Authen::SASL 2.00 Convert::ASN1 0.2 - Digest::HMAC_MD5 0 Digest::MD5 0 ExtUtils::MakeMaker 6.59 File::Basename 0 diff --git a/lib/Lutim.pm b/lib/Lutim.pm index 9d8ca69..4c1ff9e 100644 --- a/lib/Lutim.pm +++ b/lib/Lutim.pm @@ -291,7 +291,7 @@ sub startup { }); $r->get('/')-> - over('authorized')-> + requires('authorized')-> to('Image#home')-> name('index'); $r->get('/')-> @@ -330,7 +330,7 @@ sub startup { to('Image#change_lang')-> name('lang'); - $r->get('/partial/:file' => sub { + $r->get('/partial/<:file>.<:f>' => sub { my $c = shift; $c->render( template => 'partial/'.$c->param('file'), @@ -351,7 +351,7 @@ sub startup { })->name('gallery'); $r->get('/myfiles')-> - over('authorized')-> + requires('authorized')-> name('myfiles'); $r->get('/myfiles')-> to('Authent#index'); 
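Review bot: In the `lib/Lutim.pm` hunk at `@@ -330,7 +330,7 @@`, the `/partial/<:file>.<:f>` route still builds the template name from the request-supplied `file` placeholder (`'partial/'.$c->param('file')`), and neither `file` nor the new `f` placeholder is constrained in the visible lines. Standard placeholders already exclude `/` and `.`, but an explicit allow-list would document which partials are meant to be public and keep a later template from becoming reachable by accident. Something like `$r->get('/partial/<:file>.<:f>' => [file => [qw(PARTIAL_NAMES)], f => ['js']] => sub {` would do it, where `PARTIAL_NAMES` is a placeholder for the project's real list and `['js']` assumes only JavaScript partials are served. The rest of the `render` call lies outside the hunk, so whether `f` is passed on as the format cannot be seen here.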
@@ -369,28 +369,28 @@ sub startup { ->name('random'); $r->post('/')-> - over('authorized')-> + requires('authorized')-> to('Image#add')-> name('add'); $r->post('/')-> to('Authent#index'); $r->get('/d/:short/:token')-> - over('authorized')-> + requires('authorized')-> to('Image#delete')-> name('delete'); $r->get('/d/:short/:token')-> to('Authent#index'); $r->post('/m/:short/:token')-> - over('authorized')-> + requires('authorized')-> to('Image#modify')-> name('modify'); $r->post('/m/:short/:token')-> to('Authent#index'); $r->post('/c')-> - over('authorized')-> + requires('authorized')-> to('Image#get_counter')-> name('counter'); $r->post('/c')-> diff --git a/lib/Lutim/Controller/Image.pm b/lib/Lutim/Controller/Image.pm index c7d6ecb..2e20dc9 100644 --- a/lib/Lutim/Controller/Image.pm +++ b/lib/Lutim/Controller/Image.pm @@ -1,8 +1,8 @@ # vim:set sw=4 ts=4 sts=4 expandtab: package Lutim::Controller::Image; +use Mojo::Asset::Memory; use Mojo::Base 'Mojolicious::Controller'; use Mojo::Util qw(url_escape url_unescape b64_encode encode); -use Mojo::Asset::Memory; use Mojo::JSON qw(true false); use Lutim::DB::Image; use DateTime; @@ -487,12 +487,10 @@ sub add { if ($mediatype ne 'image/svg+xml' && $mediatype !~ m#image/(x-)?xcf# && $mediatype ne 'image/webp') { # Remove the EXIF tags my $data = new IO::Scalar \$upload->slurp(); - my $et = new Image::ExifTool; + my $et = Image::ExifTool->new; - # Use $data in Image::ExifTool object - $et->ExtractInfo($data); # Remove all metadata - $et->SetNewValue('*', undef); + $et->SetNewValue('*'); # Create a temporary IO::Scalar to write into my $temp; diff --git a/lib/Lutim/Plugin/Helpers.pm b/lib/Lutim/Plugin/Helpers.pm index 040c4c8..65725eb 100644 --- a/lib/Lutim/Plugin/Helpers.pm +++ b/lib/Lutim/Plugin/Helpers.pm @@ -8,6 +8,7 @@ use Data::Entropy qw(entropy_source); use DateTime; use Mojo::Util qw(decode); use ISO::639_1; +use Digest::MD5 'md5'; sub register { my ($self, $app) = @_; 
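Review bot: In the `lib/Lutim/Controller/Image.pm` hunk at `@@ -487,12 +487,10 @@`, the context line `my $data = new IO::Scalar \$upload->slurp();` keeps the indirect object syntax that the hunk removes one line below for `Image::ExifTool->new`. For consistency it should become `my $data = IO::Scalar->new(\$upload->slurp());`. This block strips metadata from uploads, which is a privacy control, so the bare `SetNewValue('*')` deserves a comment such as `# No value given: every tag is marked for deletion`. The write step comes after the end of the hunk, so it is not visible whether a failed rewrite is detected before the image is stored with its original metadata; that is worth checking.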
@@ -258,6 +259,18 @@ sub _is_wm_selected { return ($wm eq $c->config('watermark_default')) ? 'selected="selected"' : ''; } +sub _key_from_key { + my $key = shift; + + # Key size for Blowfish is 56 + my $ks = 56; + my $material = md5($key); + while (length($material) < $ks) { + $material .= md5($material); + } + return substr($material,0,$ks); +} + sub _crypt { my $c = shift; my $upload = shift; @@ -267,10 +280,12 @@ sub _crypt { my $iv = $c->shortener(8); my $cipher = Crypt::CBC->new( - -key => $key, - -cipher => 'Blowfish', - -header => 'none', - -iv => $iv + -key => _key_from_key($key), + -cipher => 'Blowfish', + -header => 'none', + -literal_key => 1, + -pbkdf => 'pbkdf2', + -iv => $iv ); $cipher->start('encrypting'); @@ -289,16 +304,18 @@ sub _crypt { sub _decrypt { my $c = shift; - my $key = shift; + my $key = _key_from_key(shift); my $file = shift; my $iv = shift; $iv = 'dupajasi' unless $iv; my $cipher = Crypt::CBC->new( - -key => $key, - -cipher => 'Blowfish', - -header => 'none', - -iv => $iv + -key => $key, + -cipher => 'Blowfish', + -header => 'none', + -literal_key => 1, + -pbkdf => 'pbkdf2', + -iv => $iv ); $cipher->start('decrypting'); diff --git a/t/test.t b/t/test.t index 72d63aa..2ddc94d 100644 --- a/t/test.t +++ b/t/test.t @@ -81,7 +81,7 @@ $t->get_ok('/css/lutim.css') # Instance settings informations $t->get_ok('/infos') ->status_is(200) - ->json_has('image_magick') + ->json_has('/image_magick') ->json_is( '/always_encrypt' => false, '/broadcast_message' => 'test broadcast message', 
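Review bot: `_key_from_key` expands the key with a single unsalted MD5 chain, so all 56 bytes handed to Blowfish derive from one 16-byte digest and the real strength is bounded by the entropy of the input key. This looks like it mirrors the derivation older Crypt::CBC releases applied implicitly, presumably so existing files stay decryptable; if so, say that in a comment, e.g. `# Compatibility key expansion (unsalted MD5 chain), NOT a password KDF; input key must be random`. In the `_crypt` and `_decrypt` hunks, `-pbkdf => 'pbkdf2'` sits next to `-literal_key => 1`. As far as I know Crypt::CBC uses a literal key as-is, so the `-pbkdf` line would have no effect and wrongly suggests PBKDF2 protects the key. Please confirm against the pinned Crypt::CBC version and drop that line if so. The source of `$key` in `_crypt` is outside the hunk, so whether it is always a generated random string cannot be confirmed here.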
@@ -96,7 +96,7 @@ $t->get_ok('/infos') my $image = Mojo::File->new($Bin, '..', 'themes', 'default', 'public', 'img', 'Lutim.png')->to_string; $t->post_ok('/' => form => { file => { file => $image }, format => 'json' }) ->status_is(200) - ->json_has('msg', 'success') + ->json_has('/msg', '/success') ->json_is('/success' => true, '/msg/filename' => 'Lutim.png') ->json_like('/msg/short' => qr#[-_a-zA-Z0-9]{8}#, '/msg/real_short' => qr#[-_a-zA-Z0-9]{8}#, '/msg/token' => qr#[-_a-zA-Z0-9]{24}#); @@ -138,7 +138,7 @@ my $token = $raw->json('/msg/token'); $t->get_ok('/'.$rshort) ->status_is(200); -$t->get_ok('/d/'.$rshort.'/'.$token, form => { format => 'json' }) +$t->get_ok('/d/'.$rshort.'/'.$token, form => { _format => 'json' }) ->status_is('200') ->json_is( { diff --git a/themes/default/templates/partial/common.js.ep b/themes/default/templates/partial/common.js.ep index 5ffe430..e21946f 100644 --- a/themes/default/templates/partial/common.js.ep +++ b/themes/default/templates/partial/common.js.ep @@ -147,7 +147,7 @@ function delImage(e) { url: '<%= url_for('/') %>d/'+short+'/'+token, method: 'GET', data: { - format: 'json' + _format: 'json' }, success: function(data) { if (data.success) {
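Review bot: In `->json_has('/msg', '/success')`, the second argument of Test::Mojo's `json_has` is the test description, not a second pointer, so only `/msg` is checked and `/success` merely labels the test. Splitting it makes both checks real: `->json_has('/msg')->json_has('/success')`. The `post_ok` call in the same hunk still sends `format => 'json'`, while the delete test and `common.js.ep` now send `_format`. If the upload handler reads that form field itself this is fine, but given the breaking change listed in the CHANGELOG it is worth confirming the upload test still exercises the JSON path.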