So why is it that the HTTPS camera feed I set up works perfect on the computer in Sharptools Media tiles and on the dashboard shown on the computer and on the tablet in a browser with the user name and password embedded in the link BUT when Sharptools is loaded with the same dashboard the video feed doesn’t work!
So the next part is this. After working with a more Network savvy person he showed me that the issue is ‘strict-origin-when-cross-origin’ In short, you can not tell a server to get info from another server via https. It has to do with security and such.
What tablet browser is it?
Depending on what you mean by the username and password being embedded in the URL, the following article may be helpful.
And it doesn’t sound like it’s the case here if you have a valid SSL certificate for the camera feed, but I’m adding it for reference.
I am using Dahua NVR for the home security cameras. I have set up stunnel and this all works perfectly. I can see the cameras via any laptop or desktop on any browser using the direct URL. In Sharp Tools, I put the links into the resource manager and they become intermittent as to connecting or not. The tablets are just an always, no go. I have attached a couple screen shots and here is a test link to a camera.
https://tester:tester123@1355corfu.ddns.net:440/cgi-bin/mjpg/video.cgi?channel=02&subtype=1
Here is the tablet info from Fully Kiosk cloud access and some screen shots off my laptop. The last screen shot in the Fully Kiosk app is of the tablet with the video page pulled up and no video feeds.
App Info
| Fully Device ID | b2af4332-7b8c61e6 |
|---|---|
| App package | de.ozerov.fully |
| undefined | -— |
| App version | 1.58.3-play (1403/1362) |
| undefined | -— |
| PLUS licensed | yes (App ID: 1) |
| undefined | -— |
| Start URL | https://sharptools.io/dashboard/view/ |
| undefined | -— |
| Current page | |
| undefined | -— |
| Maintenance mode | off |
| undefined | -— |
| Kiosk mode | off |
| undefined | -— |
| Motion detection | on |
| undefined | -— |
| Acoustic detection | on |
| undefined | -— |
| Movement detection | on |
| undefined | -— |
| Device admin | on |
| undefined | -— |
| Device owner | off |
| undefined | -— |
| Root available/enabled | no/no |
| undefined | -— |
| Last app start | 2025-07-31 22:37:31-0400 Logcat |
| undefined | -— |
| Active fragment | screensaver |
| undefined | -— |
| App RAM (free/total) | 110106/196608 KB |
| undefined | -— |
| Storage mode | scoped |
| undefined | -— |
| Cloud status | OK 0:20081:8000 at 2025-08-02 16:46:34 |
| undefined | -— |
Device Info
| Device Name | C5 |
|---|---|
| Hostname | 192.168.50.22 |
| undefined | -— |
| IPv4 addresses | 192.168.50.22 |
| undefined | -— |
| IPv6 addresses | FE80::A491:85FF: |
| undefined | -— |
| Mac addresses | A6:91:85:87: |
| undefined | -— |
| Wifi SSID | “Bob’s Home” |
| undefined | -— |
| undefined | -— |
| Battery level | 100.0% (plugged) |
| undefined | -— |
| Screen brightness | 225 |
| undefined | -— |
| Screen status | on |
| undefined | -— |
| Screen size | 1280x800 px |
| undefined | -— |
| Keyguard locked | on |
| undefined | -— |
| Wakelock full/partial/up | on/on/off |
| undefined | -— |
| Foreground app | de.ozerov.fully |
| undefined | -— |
| RAM (free/total) | 1422/5617 MB |
| undefined | -— |
| Internal storage (free/total) | 106069/122070 MB |
| undefined | -— |
| External storage (free/total) | 113/118 MB |
| undefined | -— |
| Android version | 14 (SDK 34) |
| undefined | -— |
| KNOX version/licensed | no/no |
| undefined | -— |
| Webview provider | com.google.android.webview |
| undefined | -— |
| Webview version | 138.0.7204.168 |
| undefined | -— |
| Webview UA | Mozilla/5.0 (Linux; Android 14; C5 Build/UP1A.231005.00… |
| undefined | -— |
| Device model | C5 (incar) |
| undefined | -— |
| Android build | C5-PD-T606.ROW-SW6_20240718 |
| undefined | -— |
| Serial | unknown |
| undefined | -— |
| Android ID | 57b32cf99bde0fc2 |
| undefined | -— |
Thanks for looking into this. Let me know if I can provide you with anything else.
Tim
I would recommend reading through the article I linked above about cameras that have the username and password embedded in the URLs
The short version is that browsers are starting to block camera URLs with embedded credentials (eg. http://user:pass@camera) so you should check if one of the alternatives could work for you:
- NVR software to pass the camera stream through
- Alternative credential approach for your camera (eg.
http://camera/?user=user&pass=pass) - See if the browser has overrides to support this
- Consider non-password protected LAN only options if available
The originally linked article has more details on each approach and links to another article with technical explanation of why browsers have started blocking embedded resources with this kind of credential format.
1 Like
Thank you. I will look into this more.