# Scoring

## SSL Labs
![alt text](./scoring/SSL_Labs.png?raw=true)

## Mozilla Observatory
![alt text](./scoring/Mozilla_Observatory.png?raw=true)

# Additional Score Commentary:

## Mozilla Observatory
Current CSP requires the use of unsafe-inline in style-src.

Current CSP requires the use of unsafe-inline in script-src.

The relevant issue can be found at https://github.com/jellyfin/jellyfin/issues/1885

This scores a -20 in Mozilla Observatory.