Merge pull request #1127 from MediaBrowser/dev

3.0.5641.5

4 files changed, 10 insertions, 5 deletions

diff --git a/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs b/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
index 556fda1cd..3795f4b15 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
@@ -104,7 +104,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer
             container.Adapter = _containerAdapter;
 
             Plugins.Add(new SwaggerFeature());
-            Plugins.Add(new CorsFeature(allowedHeaders: "Content-Type, Authorization, Range, X-MediaBrowser-Token"));
+            Plugins.Add(new CorsFeature(allowedHeaders: "Content-Type, Authorization, Range, X-MediaBrowser-Token, X-Emby-Authorization"));
 
             //Plugins.Add(new AuthFeature(() => new AuthUserSession(), new IAuthProvider[] {
             //    new SessionAuthProvider(_containerAdapter.Resolve<ISessionContext>()),
diff --git a/MediaBrowser.Server.Implementations/HttpServer/LoggerUtils.cs b/MediaBrowser.Server.Implementations/HttpServer/LoggerUtils.cs
index 955c4ed2d..5558c24d7 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/LoggerUtils.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/LoggerUtils.cs
@@ -1,6 +1,6 @@
 using MediaBrowser.Model.Logging;
 using System;
-using System.Net;
+using System.Globalization;
 using System.Text;
 
 namespace MediaBrowser.Server.Implementations.HttpServer
@@ -23,7 +23,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer
 
             //log.AppendLine("Headers: " + string.Join(",", response.Headers.AllKeys.Select(k => k + "=" + response.Headers[k])));
 
-            var responseTime = string.Format(". Response time: {0} ms.", duration.TotalMilliseconds);
+            var responseTime = string.Format(". Response time: {0} ms.", duration.TotalMilliseconds.ToString(CultureInfo.InvariantCulture));
 
             var msg = "HTTP Response " + statusCode + " to " + endPoint + responseTime;
 
diff --git a/MediaBrowser.Server.Implementations/HttpServer/ResponseFilter.cs b/MediaBrowser.Server.Implementations/HttpServer/ResponseFilter.cs
index f9184f6d1..0da34efc6 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/ResponseFilter.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/ResponseFilter.cs
@@ -33,7 +33,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer
 
             if (_denyIframeEmbedding())
             {
-                res.AddHeader("X-Frame-Options", "DENY");
+                res.AddHeader("X-Frame-Options", "SAMEORIGIN");
             }
 
             var exception = dto as Exception;
diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
index 9461143a8..80892b96c 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
@@ -170,7 +170,12 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
         /// <returns>Dictionary{System.StringSystem.String}.</returns>
         private Dictionary<string, string> GetAuthorizationDictionary(IServiceRequest httpReq)
         {
-            var auth = httpReq.Headers["Authorization"];
+            var auth = httpReq.Headers["X-Emby-Authorization"];
+
+            if (string.IsNullOrWhiteSpace(auth))
+            {
+                auth = httpReq.Headers["Authorization"];
+            }
 
             return GetAuthorization(auth);
         }