Open HTTP streams in raw new tab instead of custom HTTPS player

The custom /radio/stream-player/ page is served over HTTPS, so the browser
still applies mixed-content restrictions and upgrades http:// audio to https://,
which fails for streams without TLS support.

Fix: window.open(url, '_blank') navigates the tab directly to the HTTP URL.
The tab itself is then HTTP, bypassing mixed-content restrictions entirely.
Browser plays the stream natively with its built-in audio player.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

static/js/app.js

@@ -67,11 +67,12 @@ function escapeHtml(str) {
 function playStation(url, name, stationId) {
   stopPlayback(false);
 
-  // HTTP stream on HTTPS page → open minimal player in new tab, keep main window as home base
+  // HTTP stream on HTTPS page: the custom /radio/stream-player/ is also HTTPS,
+  // so the browser still blocks the HTTP audio (mixed content upgrade → HTTPS fails).
+  // Opening the raw HTTP URL directly navigates the tab to HTTP itself —
+  // no mixed-content restriction, browser plays it natively.
   if (location.protocol === 'https:' && url.startsWith('http://')) {
-    const vol = localStorage.getItem('diora_volume') || '204';
-    const params = new URLSearchParams({ url, name, vol });
-    window.open('/radio/stream-player/?' + params, '_blank');
+    window.open(url, '_blank');
     return;
   }
 

templates/radio/stream_player.html

@@ -156,8 +156,7 @@
       if (playing) stopPlay(); else startPlay();
     });
 
-    // Auto-play on load
-    document.addEventListener('DOMContentLoaded', startPlay);
+    document.getElementById('track-name').textContent = 'Click Play to start';
   </script>
 </body>
 </html>