Background
The stream handler suppresses Jellyfin error bodies but forwards status codes as-is.
A Jellyfin 401 (e.g. stale internal token) reaches the client looking identical to a
proxy auth failure, even though the client's own JWT is valid. Clients can't distinguish
between the two.
What changes
- Map all Jellyfin 4xx/5xx responses to 502 Bad Gateway in ModifyResponse
- Body is already suppressed; only status code remapping needed
Background
The stream handler suppresses Jellyfin error bodies but forwards status codes as-is.
A Jellyfin 401 (e.g. stale internal token) reaches the client looking identical to a
proxy auth failure, even though the client's own JWT is valid. Clients can't distinguish
between the two.
What changes