1 files changed, 12 insertions, 6 deletions

diff --git a/perllib/FixMyStreet/DB/Result/Problem.pm b/perllib/FixMyStreet/DB/Result/Problem.pm
index a74a04828..51805fa51 100644
--- a/perllib/FixMyStreet/DB/Result/Problem.pm
+++ b/perllib/FixMyStreet/DB/Result/Problem.pm
@@ -920,15 +920,21 @@ sub photos {
     my $id = $self->id;
     my @photos = map {
         my $cachebust = substr($_, 0, 8);
+        # Some Varnish configurations (e.g. on mySociety infra) strip cookies from
+        # images, which means image requests will be redirected to the login page
+        # if LOGIN_REQUIRED is set. To stop this happening, Varnish should be
+        # configured to not strip cookies if the cookie_passthrough param is
+        # present, which this line ensures will be if LOGIN_REQUIRED is set.
+        my $extra = (FixMyStreet->config('LOGIN_REQUIRED')) ? "&cookie_passthrough=1" : "";
         my ($hash, $format) = split /\./, $_;
         {
             id => $hash,
-            url_temp => "/photo/temp.$hash.$format",
-            url_temp_full => "/photo/fulltemp.$hash.$format",
-            url => "/photo/$id.$i.$format?$cachebust",
-            url_full => "/photo/$id.$i.full.$format?$cachebust",
-            url_tn => "/photo/$id.$i.tn.$format?$cachebust",
-            url_fp => "/photo/$id.$i.fp.$format?$cachebust",
+            url_temp => "/photo/temp.$hash.$format$extra",
+            url_temp_full => "/photo/fulltemp.$hash.$format$extra",
+            url => "/photo/$id.$i.$format?$cachebust$extra",
+            url_full => "/photo/$id.$i.full.$format?$cachebust$extra",
+            url_tn => "/photo/$id.$i.tn.$format?$cachebust$extra",
+            url_fp => "/photo/$id.$i.fp.$format?$cachebust$extra",
             idx => $i++,
         }
     } $photoset->all_ids;