

I’m insufferable? You’re the one relying on personal attacks to make your point. Then run away with tail between legs when I show you 1) how it’s not the same as your case and 2) how other current internet operations WOULD be the same, and there’s no lawsuits in regards to those things.
Sure. Now who here wants to litigate it and find out?
Web scanners/crawlers aren’t illegal though. And since it’s not authenticated there’s no attempt to break any security/authentication/encryption. You don’t get in trouble for finding a random URL in a google search and accessing it. You’d get in trouble if you had to bypass some security measure to get there.
The point of this all is that these endpoints have no measure in place. Seemingly on purpose, and it’s documented by the maintainers that they don’t intend to fix it and leaving it open is intentional.
You can gamble it. I won’t. I just can’t accept that “Jellyfin is better” that keeps getting pushed when big gaping problematic holes like this exist.