From 52bb61bff373346033b56403d1d58deffd0fb359 Mon Sep 17 00:00:00 2001
From: b <rowerynaksiezycu@gmail.com>
Date: Mon, 12 Feb 2024 23:20:42 +0000
Subject: [PATCH] include password in empty goto redirect

---
 viewer.1.pl | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/viewer.1.pl b/viewer.1.pl
index 338eb87..97f0434 100644
--- a/viewer.1.pl
+++ b/viewer.1.pl
@@ -123,15 +123,6 @@ if ($method eq 'POST') {
 	}
 }
 
-if (
-	(defined $cgi{'f'}) &&
-	($cgi{'f'} eq '') &&
-	($cgi{'g'} ne '')
-) { # GOTO with no value
-	exit redirect($method, CGI_GOTO_PATH(), HTTP_STATUS->{'see_other'});
-}
-
-
 $no_cgi = (scalar (keys %cgi) == 0);
 
 $IP = get_remote_addr();
@@ -147,6 +138,22 @@ if ($frame >= 0) {
 
 $password_ok = ($password eq $settings{'password'});
 
+if (
+	(defined $cgi{'f'}) &&
+	($cgi{'f'} eq '') &&
+	($cgi{'g'} ne '')
+) { # GOTO with no value
+	my $goto_url = CGI_GOTO_PATH();
+	if ($password_ok) {
+		$goto_url = merge_url(
+			{'path' => $goto_url},
+			{'query' => {'p' => $password}}
+		);
+	}
+	exit redirect($method, $goto_url, HTTP_STATUS->{'see_other'});
+}
+
+
 # state & activation logic
 if (open_encoded($fh, "+<:encoding(UTF-8)", DATA_STATE_PATH())) {
 	if (flock($fh, 2)) {
-- 
2.30.2