Search the Community

It's 2016 and Emby (Community) still doesn't use proper TLS. This page has an Qualys SSL Labs rating of F (this should be A or A+) Most links on this page redirect back to HTTP Most pages are only partially HTTPS You can't login securely without editing the form manually You can't register securely without editing the form manually You can't post in the forum securely without editing the form manually Side note: Your PHP exposes its version freely in your X-Powered-By header Also, your plugin catalog images are loaded solely via HTTP. This results in some of them being blocked by modern browsers. In a year where SSL certificates are free and there is more than enough documentation on securing a TLS connection it's not acceptable for a company trying to sell products for up to 100$ to be this insecure. I would love to see this done properly. edit: Also just saw the pinned thread. Feel free to move it in there.