Search the Community

I was hoping someone could take a look at the HTTP headers I have my reverse proxy (Traefik v2) apply to Emby (and other apps) and let me know what might be causing issues with the app? customFrameOptionsValue: SAMEORIGIN browserXssFilter: true stsSeconds: 155520011 referrerPolicy: no-referrer contentTypeNosniff: true sslRedirect: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true featurePolicy: true sslForceHost: true contentSecurityPolicy: "default-src ‘self’; script-src ‘self’ ‘unsafe-eval’; style-src ‘self’ ‘unsafe-inline’; frame-src *; img-src * data: blob:; font-src ‘self’ data:; media-src *;" accessControlAllowOriginList: [“<origin>”] featurePolicy: "geolocation 'none'; camera 'none'; microphone 'none'" The web interface is accessible but sometimes it doesn't load all the assets (cover art, etc) and movies will randomly not play. If I take all the headers off, everything works fine as if I am connecting inside the LAN but then I lose that nice A+ security rating for headers scan. I suppose I can start taking them off one by one and see what might be the issue but thought the devs or forum mods may just be able to look at my list and spot what is wrong. I looked for documentation of recommended headers but didn't see any articles through Google searches. Seems like a good wiki item.