diff --git a/backend/handler/metadata/base_handler.py b/backend/handler/metadata/base_handler.py
index d4b5cf088..d56e97ed4 100644
--- a/backend/handler/metadata/base_handler.py
+++ b/backend/handler/metadata/base_handler.py
@@ -106,6 +106,7 @@ def _normalize_search_term(
 def strip_sensitive_query_params(
     url: str, sensitive_keys: set[str] = SENSITIVE_KEYS
 ) -> str:
+    """Remove sensitive query parameters from a URL."""
     parsed = urlparse(url)
     qsl = parse_qsl(parsed.query, keep_blank_values=True)
 
@@ -120,8 +121,10 @@ def restore_sensitive_query_params(url: str, params: dict[str, str]) -> str:
     """Add back key/value pairs previously stripped by strip_sensitive_query_params."""
     parsed = urlparse(url)
     qsl = parse_qsl(parsed.query, keep_blank_values=True)
+
     existing = {k.lower() for k in params}
     filtered = [(k, v) for k, v in qsl if k.lower() not in existing]
+
     new_query = urlencode(filtered + list(params.items()))
     return urlunparse(parsed._replace(query=new_query))
 
diff --git a/backend/handler/metadata/ss_handler.py b/backend/handler/metadata/ss_handler.py
index 7b63d724b..b72bb4c90 100644
--- a/backend/handler/metadata/ss_handler.py
+++ b/backend/handler/metadata/ss_handler.py
@@ -36,17 +36,16 @@ SENSITIVE_KEYS = {"ssid", "sspassword"}
 
 def add_ss_auth_to_url(url: str) -> str:
     """Re-add SS user credentials to a media URL at download time (never stored)."""
-    creds = {
-        k: v
-        for k, v in {
+    if not SCREENSCRAPER_USER or not SCREENSCRAPER_PASSWORD:
+        return url
+
+    return restore_sensitive_query_params(
+        url,
+        {
             "ssid": SCREENSCRAPER_USER,
             "sspassword": SCREENSCRAPER_PASSWORD,
-        }.items()
-        if v
-    }
-    if not creds:
-        return url
-    return restore_sensitive_query_params(url, creds)
+        },
+    )
 
 
 def get_preferred_regions(rom: Rom | None = None) -> list[str]: