Jump to content

Web app - Premiere page circle spins endlessly


JohnMason1
Go to solution Solved by JohnMason1,

Recommended Posts

Hi everyone!

I have to start with a positive word about the night-vs-day that Emby is against Jellyfin at the moment (which is what spurred me on to finally try Emby).

I got a month of Premiere to test it. The Android apps work perfectly, however on the web app, the key is accepted, but the circle spins endlessly. No matter what laptop or browser I log in from, the circle still spins a day later.
Now, my main wishful setting was to set dark mode for settings (which requires Premiere). Sometimes this happens, but other times it stays white. I am not sure how else I can tell if the web app knows I have Premiere, as all the indications that say e.g. "this setting requires Premiere", "Get Premiere" on the top right, etc. are all still there.

I have disabled ad blockers, FF/Edge anti-tracking and checked nothing is being blocked by NextDNS.

Is there any way I can fix this?

Link to comment
Share on other sites

34 minutes ago, JohnMason1 said:

I am not sure how else I can tell if the web app knows I have Premiere, as all the indications that say e.g. "this setting requires Premiere", "Get Premiere" on the top right, etc. are all still there.

If "Get Premiere" banner is still present, your key was likely not validated. 

You can post server log as it'd show (un)successful validation attempts. 

Link to comment
Share on other sites

Thanks @GrimReaper. I don't want to post logs publicly as I can see they contain e.g. full directory listings, I can pm someone if that helps. I am looking at the log here, but not sure what I should be looking for. It does not contain the word 'premiere' anywhere, what other keywords can I look for?

Link to comment
Share on other sites

Doesn't look like a communication issue as validation is occurring:

Quote
2024-10-02 08:49:01.429 Info SecurityManager: Not registered for MBSupporter

but it seems that the response from the server is that the key really isn't valid - causes of that might be proxies, VPNs, browser addins etc. that could potentially be interfering/modifying headers. 

You can go through the steps listed here:

My Emby Key Says it is Invalid or Missing

If unsuccessful, you can email:

Quote

billingsupport@emby.media

with the account details. 

Edited by GrimReaper
Link to comment
Share on other sites

11 minutes ago, GrimReaper said:

proxies, VPNs, browser addins

Thank you for the pointers.

Premiere is recognised from both my phone and my Shield, so we can assume the server knows it's got it and it's something browser specific, as it is happening on two different laptops, one Linux Mint, one Windows, on both Firefox and Edge. I use NextDNS, but I use that at router level, so my phone and the Shield both go through it. I have tried disabling uBlock and the browser anti-tracking protections, with no luck.

Knowing the logs

13 minutes ago, GrimReaper said:

Info SecurityManager: Not registered for MBSupporter

Is this a response received from Emby's server? If so, does it not mean the problem is with Emby's server rather than my end?

I will try some more browsers, before emailing billing.

Link to comment
Share on other sites

14 minutes ago, JohnMason1 said:

Is this a response received from Emby's server?

It is:

Quote
2024-10-02 08:49:01.426 Info HttpClient: Http response 200 from https://mb3admin.com/admin/service/registration/validate after 472ms.

 

15 minutes ago, JohnMason1 said:

If so, does it not mean the problem is with Emby's server rather than my end?

Wouldn't think so, it likely means that the key admin server is receiving does not correspond to the one registered in the db. 

Personally, I'd put my phone on mobile data, create a hotspot, connect either laptop through it and try to validate - you'd narrow down potential points of failure, either router/network setup related or machine/browser related. 

Link to comment
Share on other sites

4 hours ago, JohnMason1 said:

it is happening on two different laptops

Hi.  Where is the server installed?  What happens on that machine?

The key only needs to be input once - on the server machine.

Also be sure you don't have invisible or invalid characters in the key...

Link to comment
Share on other sites

1 minute ago, ebr said:

Where is the server installed?

It's a headless cloud server.

2 minutes ago, ebr said:

The key only needs to be input once - on the server machine.

Is there a way to directly input the key into the server settings files somewhere?
Also, I have entered the key in the mobile and Shield apps, and it's been accepted fine, but clearly this has not translated to the web app.

3 minutes ago, ebr said:

invisible or invalid characters in the key.

I am directly copying/pasting it from the email they sent me.

Link to comment
Share on other sites

Just now, JohnMason1 said:

Also, I have entered the key in the mobile and Shield apps, and it's been accepted fine

The key only needs to be entered once.

1 minute ago, JohnMason1 said:

but clearly this has not translated to the web app

I still suspect something in the browser.  Is there an error in the console?

Link to comment
Share on other sites

1 minute ago, ebr said:

Is there an error in the console?

Good catch, I didn't think of checking there 🫣

There is this:

Content-Security-Policy: The page’s settings blocked the loading of a resource (connect-src) at https://mb3admin.com/admin/service/registration/getStatus because it violates the following directive: “connect-src 'self'”

Uncaught (in promise) TypeError: NetworkError when attempting to fetch resource.

 

Link to comment
Share on other sites

14 hours ago, JohnMason1 said:

The Android apps work perfectly,

So you can enter the key using the Android app and there is no issue?

If so, you don't need to do it again anywhere else.  Does everything work after validating the key properly in the app?

@Lukethe last time (4.2.x) there was a similar CSP problem, something was adjusted in the server to address it, I think...

  • Like 1
Link to comment
Share on other sites

  • Solution

Fixed it!

The problem was I had just taken Jellyfin's nginx config and used it as a template for Emby. This did not include the necessary Content-Security-Policy header, hence this issue.
I just looked up and used the config some other fellow users recommended, and now it works.

I still need to research and learn more about this header to make sure I am keeping my server as secure as can be.

Here's what the headers section of nginx looks like now, any further advice is always welcome:

# Content Security Policy
    add_header X-Xss-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Strict-Transport-Security "max-age=2592000; includeSubdomains" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    proxy_hide_header X-Powered-By;
    add_header 'Referrer-Policy' 'no-referrer';
    add_header Content-Security-Policy "frame-ancestors mydomain.com emby.mydomain.com;";

 

  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...