Jump to content

Search the Community

Showing results for tags 'headers'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • General
    • Announcements
    • Emby Premiere Purchase/Subscription Support
    • Feature Requests
    • Tutorials and Guides
  • Emby Server
    • General/Windows
    • Android Server
    • Asustor
    • FreeBSD
    • Linux
    • NetGear ReadyNAS
    • MacOS
    • QNAP
    • Synology
    • TerraMaster NAS
    • Thecus
    • Western Digital
    • DLNA
    • Live TV
  • Emby Apps
    • Amazon Alexa
    • Android Mobile
    • Android TV / Fire TV
    • Emby Theater
    • iOS
    • Apple TV
    • Kodi
    • Raspberry Pi
    • Roku
    • Samsung Smart TV
    • Sony PlayStation
    • LG Smart TV
    • Web App
    • Windows Media Center
    • Plugins
  • Language-specific support
    • Arabic
    • Dutch
    • French
    • German
    • Italian
    • Portuguese
    • Russian
    • Spanish
    • Swedish
  • Community Contributions
    • Ember for Emby
    • Fan Art & Videos
    • Tools and Utilities
    • Web App CSS
  • Other
    • Non-Emby General Discussion
    • Developer API
    • Hardware
    • Media Clubs
    • Legacy Support


  • Emby Blog

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 1 result

  1. plaidstallion

    Recommended HTTP headers?

    I was hoping someone could take a look at the HTTP headers I have my reverse proxy (Traefik v2) apply to Emby (and other apps) and let me know what might be causing issues with the app? customFrameOptionsValue: SAMEORIGIN browserXssFilter: true stsSeconds: 155520011 referrerPolicy: no-referrer contentTypeNosniff: true sslRedirect: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true featurePolicy: true sslForceHost: true contentSecurityPolicy: "default-src ‘self’; script-src ‘self’ ‘unsafe-eval’; style-src ‘self’ ‘unsafe-inline’; frame-src *; img-src * data: blob:; font-src ‘self’ data:; media-src *;" accessControlAllowOriginList: [“<origin>”] featurePolicy: "geolocation 'none'; camera 'none'; microphone 'none'" The web interface is accessible but sometimes it doesn't load all the assets (cover art, etc) and movies will randomly not play. If I take all the headers off, everything works fine as if I am connecting inside the LAN but then I lose that nice A+ security rating for headers scan. I suppose I can start taking them off one by one and see what might be the issue but thought the devs or forum mods may just be able to look at my list and spot what is wrong. I looked for documentation of recommended headers but didn't see any articles through Google searches. Seems like a good wiki item.
  • Create New...