diff --git a/services/web-ui/public/screens-asset.jsx b/services/web-ui/public/screens-asset.jsx
index 61b2f8d..833dfd7 100644
--- a/services/web-ui/public/screens-asset.jsx
+++ b/services/web-ui/public/screens-asset.jsx
@@ -90,7 +90,10 @@ function AssetDetail({ asset, onClose }) {
 const build = async function() {
 setFilmstripLoading(true);
 const probe = document.createElement('video');
- probe.crossOrigin = 'anonymous';
+ // Do NOT set crossOrigin — the /video endpoint is same-origin and requires
+ // session cookies. crossOrigin='anonymous' strips credentials → 401 → load
+ // fails → filmstrip never builds. Same-origin video can be drawn to canvas
+ // without crossOrigin (no taint applies).
 probe.muted = true;
 probe.playsInline = true;
 probe.preload = 'auto';
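Review bot: The rationale in the new comment does not match how `crossOrigin` works: `'anonymous'` selects credentials mode `same-origin`, so session cookies are still sent to a URL that really is same-origin. A 401 therefore suggests the `/video` request is resolved against, or redirected to, a different origin (another port or host counts). If so, dropping the attribute lets the video load but taints the canvas, and any later `toDataURL`/`getImageData`/`toBlob` readback will throw a `SecurityError`. Confirm the final origin of the video URL. If it is cross-origin, prefer `probe.crossOrigin = 'use-credentials';` with the server returning an explicit `Access-Control-Allow-Origin` plus `Access-Control-Allow-Credentials: true`. Whichever case applies, the comment should state it. The `src` assignment and the canvas readback are outside this hunk, so this could not be checked here.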