From 229fa0bf6593df360db94fd207f7a5e401d860c1 Mon Sep 17 00:00:00 2001
From: Josh Patra <joshpatra12@gmail.com>
Date: Mon, 2 Feb 2026 02:47:12 -0500
Subject: [PATCH] websocket 2.0

---
 .../Services/Jellyfin/JellyfinProxyService.cs  | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/allstarr/Services/Jellyfin/JellyfinProxyService.cs b/allstarr/Services/Jellyfin/JellyfinProxyService.cs
index 43f4fcd..4e675ed 100644
--- a/allstarr/Services/Jellyfin/JellyfinProxyService.cs
+++ b/allstarr/Services/Jellyfin/JellyfinProxyService.cs
@@ -148,6 +148,15 @@ public class JellyfinProxyService
         
         bool authHeaderAdded = false;
         
+        // Check if this is a browser request for static assets (favicon, etc.)
+        bool isBrowserStaticRequest = url.Contains("/favicon.ico", StringComparison.OrdinalIgnoreCase) ||
+                                      url.Contains("/web/", StringComparison.OrdinalIgnoreCase) ||
+                                      (clientHeaders?.Any(h => h.Key.Equals("User-Agent", StringComparison.OrdinalIgnoreCase) && 
+                                                              h.Value.ToString().Contains("Mozilla", StringComparison.OrdinalIgnoreCase)) == true &&
+                                       clientHeaders?.Any(h => h.Key.Equals("sec-fetch-dest", StringComparison.OrdinalIgnoreCase) && 
+                                                              (h.Value.ToString().Contains("image", StringComparison.OrdinalIgnoreCase) ||
+                                                               h.Value.ToString().Contains("document", StringComparison.OrdinalIgnoreCase))) == true);
+        
         // Forward authentication headers from client if provided
         if (clientHeaders != null && clientHeaders.Count > 0)
         {
@@ -195,20 +204,21 @@ public class JellyfinProxyService
                 }
             }
             
-            if (!authHeaderAdded)
+            // Only log warnings for non-browser static requests
+            if (!authHeaderAdded && !isBrowserStaticRequest)
             {
                 _logger.LogWarning("✗ No auth header found. Available headers: {Headers}", 
                     string.Join(", ", clientHeaders.Select(h => $"{h.Key}={h.Value}")));
             }
         }
-        else
+        else if (!isBrowserStaticRequest)
         {
             _logger.LogWarning("✗ No client headers provided for {Url}", url);
         }
         
         // DO NOT use server API key as fallback - let Jellyfin handle unauthenticated requests
         // If client doesn't provide auth, they get what they deserve (401 from Jellyfin)
-        if (!authHeaderAdded)
+        if (!authHeaderAdded && !isBrowserStaticRequest)
         {
             _logger.LogInformation("No client auth provided for {Url} - forwarding without auth", url);
         }
@@ -229,7 +239,7 @@ public class JellyfinProxyService
             {
                 _logger.LogWarning("Jellyfin returned 401 Unauthorized for {Url} - passing through to client", url);
             }
-            else
+            else if (!isBrowserStaticRequest) // Don't log 404s for browser static requests
             {
                 _logger.LogWarning("Jellyfin request failed: {StatusCode} for {Url}", response.StatusCode, url);
             }