Nginx_Confs/jellyfin/README.md

Scoring

SSL Labs

Mozilla Observatory

Additional Score Commentary:

Mozilla Observatory

Current CSP requires the use of unsafe-inline in style-src.

Current CSP requires the use of unsafe-inline in script-src.

The relevant issue can be found at https://github.com/jellyfin/jellyfin/issues/1885

This scores a -20 in Mozilla Observatory.