From 2a21bee245aee7827eb00925307d2e107b6db646 Mon Sep 17 00:00:00 2001
From: Pierre Ossman <ossman@cendio.se>
Date: Thu, 6 Apr 2023 17:11:47 +0200
Subject: Revert broken Add support for URL fragment parameters

This is a revert of the code changes in commit
f796b05e42cfac7044cca9603e59f258605228f3 as it served no functional
purpose.

Fragments were already respected for setting parameters, via a different
function. Thus it is unclear what that commit tried to fix. It also
complicated things by mixing the document location with the window
location.

The comment changes are useful, though, so those are kept.
---
 app/webutil.js |  2 +-
 vnc_lite.html  | 11 ++---------
 2 files changed, 3 insertions(+), 10 deletions(-)

diff --git a/app/webutil.js b/app/webutil.js
index 084c69f..a2eab19 100644
--- a/app/webutil.js
+++ b/app/webutil.js
@@ -32,7 +32,7 @@ export function initLogging(level) {
 export function getQueryVar(name, defVal) {
     "use strict";
     const re = new RegExp('.*[?&]' + name + '=([^&#]*)'),
-          match = ''.concat(document.location.href, window.location.hash).match(re);
+          match = document.location.href.match(re);
     if (typeof defVal === 'undefined') { defVal = null; }
 
     if (match) {
diff --git a/vnc_lite.html b/vnc_lite.html
index e725a2d..eaf75f8 100644
--- a/vnc_lite.html
+++ b/vnc_lite.html
@@ -107,20 +107,13 @@
         // query string. If the variable isn't defined in the URL
         // it returns the default value instead.
         function readQueryVariable(name, defaultValue) {
-            // A URL with a query parameter can look like this (But will most probably get logged on the http server):
+            // A URL with a query parameter can look like this:
             // https://www.example.com?myqueryparam=myvalue
             //
-            // For privacy (Using a hastag #, the parameters will not be sent to the server)
-            // the url can be requested in the following way:
-            // https://www.example.com#myqueryparam=myvalue&password=secreatvalue
-            //
-            // Even Mixing public and non public parameters will work:
-            // https://www.example.com?nonsecretparam=example.com#password=secreatvalue
-            //
             // Note that we use location.href instead of location.search
             // because Firefox < 53 has a bug w.r.t location.search
             const re = new RegExp('.*[?&]' + name + '=([^&#]*)'),
-                  match = ''.concat(document.location.href, window.location.hash).match(re);
+                  match = document.location.href.match(re);
 
             if (match) {
                 // We have to decode the URL since want the cleartext value
-- 
cgit v1.2.1