Open ThomasVicot opened 1 year ago
This is caused by the sameSite
cookie setting. If you change https://github.com/Fallenbagel/jellyseerr/blob/develop/server/index.ts#L165 to false
requests inside an iframe from another domain should work. Keep in mind that this completely disables CSRF protection.
Here's a patched jellyfin-web that additionally renders custom menulinks as iframe allowing easy integration with Jellyseerr
Description
Hello everyone,
I have my jellyfin server and my jellyseerr server accessible via a different dynamic dns (noIP) in https behind an Apache reverse proxy.
I've integrated jellyseerr as an iframe instead of the trailer tab.
I can see the login page but I can't connect, error 401 unauthorized, I've tried lots of solutions without success. When I access https://JELLYSEERR.ddns.net directly, I can connect without any problem. I was able to figure out that the problem was due to cookies and probably to the sharing of cookies between domains without resolving the problem.
I've tested the connection via API with
X-Api-Key
, everything works but the connection is auto on the Owner account, not usable as I'm sharing the server with my family/friends. I haven't managed to configure the connection on an account other than the owner.I also have a configuration with the same config that works perfectly with Ombi in iframe on jellyfin in https.
Do you have any ideas on how to enable authentication? Or (perhaps the best) keep the API connection but be able to choose auto connection to another account (without admin rights)? J'ai essayé énormément de choses sans succès je commence à sécher
Thanks
Version
1.6.0
Steps to Reproduce
Authentification in iframe
Screenshots
No response
Logs
No response
Platform
desktop
Device
PC
Operating System
Debian
Browser
Chrome, Safari, Edge, Firefox
Additional Context
No response
Code of Conduct