github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-06 07:48:22 -05:00
Code Issues 1.1k Packages Projects Releases 122 Wiki Activity

[GH-ISSUE #6313] [PM-30368] WebAuthn is not working on 2025.12.0 due to Invalid Target Origin #39389

New Issue
Open
opened 2026-04-23 18:14:34 -05:00 by GiteaMirror · 8 comments
GiteaMirror commented 2026-04-23 18:14:34 -05:00
Owner
Copy Link

Originally created by @WilliamWsyHK on GitHub (Jan 1, 2026).
Original GitHub issue: https://github.com/bitwarden/android/issues/6313

Steps To Reproduce

  1. Type "Master Password" and login
  2. In "Verify WebAuthn" page, press "Open WebAuthn" button
  3. The page of "WebAuthn" is shown using Android's default browser in-app

Expected Result

The WebAuthn page should render correctly and allow user to complete the WebAuthn flow to login Bitwarden.

Actual Result

  1. The page is shown with blank "WebAuthn" button as shown in screenshot
  2. The F12 console (on PC, by copying the URL from android browser to PC) shows "bitwarden://webauthn-callback" is invalid target origin
  3. Chrome remote debugging the Android Chrome page on the same page also gives the same error

Screenshots or Videos

Image Image

Additional Context

No response

Build Version

2025.12.0

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

  1. The screenshot is from this device

    • Device: OnePlus Ace 6T (Chinese version of OnePlus 15R)
    • OS: ColorOS 16 (Chinese version of OxygenOS; based on Android 16)

  2. This is my previous device, encountered the same error

    • Device: Nokia 7 Plus
    • OS: Android 9

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
Originally created by @WilliamWsyHK on GitHub (Jan 1, 2026). Original GitHub issue: https://github.com/bitwarden/android/issues/6313 ### Steps To Reproduce 1. Type "Master Password" and login 2. In "Verify WebAuthn" page, press "Open WebAuthn" button 3. The page of "WebAuthn" is shown using Android's default browser in-app ### Expected Result The WebAuthn page should render correctly and allow user to complete the WebAuthn flow to login Bitwarden. ### Actual Result 1. The page is shown with blank "WebAuthn" button as shown in screenshot 2. The F12 console (on PC, by copying the URL from android browser to PC) shows "bitwarden://webauthn-callback" is invalid target origin 3. Chrome remote debugging the Android Chrome page on the same page also gives the same error ### Screenshots or Videos <img width="1659" height="727" alt="Image" src="https://github.com/user-attachments/assets/9ead9c85-7764-4a1b-84c4-52d22450a4d8" /> <img width="626" height="633" alt="Image" src="https://github.com/user-attachments/assets/54ea4b5d-3716-4c8c-b1a0-385c5364e89f" /> ### Additional Context _No response_ ### Build Version 2025.12.0 ### What server are you connecting to? US ### Self-host Server Version _No response_ ### Environment Details 1. The screenshot is from this device - Device: OnePlus Ace 6T (Chinese version of OnePlus 15R) - OS: ColorOS 16 (Chinese version of OxygenOS; based on Android 16) 2. This is my previous device, encountered the same error - Device: Nokia 7 Plus - OS: Android 9 ### Issue Tracking Info - [x] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
GiteaMirror added the bugapp:password-manager labels 2026-04-23 18:14:34 -05:00
GiteaMirror commented 2026-04-23 18:14:35 -05:00
Author
Owner
Copy Link

@WilliamWsyHK commented on GitHub (Jan 1, 2026):

Just a reference on comment https://github.com/bitwarden/android/issues/5014#issuecomment-3514968724 as it is showing the exact same screen.

<!-- gh-comment-id:3703641793 --> @WilliamWsyHK commented on GitHub (Jan 1, 2026): Just a reference on comment https://github.com/bitwarden/android/issues/5014#issuecomment-3514968724 as it is showing the exact same screen.
GiteaMirror commented 2026-04-23 18:14:35 -05:00
Author
Owner
Copy Link

@bitwarden-bot commented on GitHub (Jan 1, 2026):

Thank you for your report! We've added this to our internal board for review.
ID: PM-30368

<!-- gh-comment-id:3703641992 --> @bitwarden-bot commented on GitHub (Jan 1, 2026): Thank you for your report! We've added this to our internal board for review. ID: [PM-30368](https://bitwarden.atlassian.net/browse/PM-30368) [PM-30368]: https://bitwarden.atlassian.net/browse/PM-30368?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ
GiteaMirror commented 2026-04-23 18:14:36 -05:00
Author
Owner
Copy Link

@Adedamola-Aina commented on GitHub (Jan 5, 2026):

Hi @WilliamWsyHK ,

I am unable to reproduce this issue, it has been escalated for further investigation. If you have more information that can help us, please add it below.

Thanks!

<!-- gh-comment-id:3709379946 --> @Adedamola-Aina commented on GitHub (Jan 5, 2026): Hi @WilliamWsyHK , I am unable to reproduce this issue, it has been escalated for further investigation. If you have more information that can help us, please add it below. Thanks!
GiteaMirror commented 2026-04-23 18:14:36 -05:00
Author
Owner
Copy Link

@wy16W2pIilK1xgqN commented on GitHub (Jan 21, 2026):

I am having the same issue on my Redmi phone

<!-- gh-comment-id:3781594168 --> @wy16W2pIilK1xgqN commented on GitHub (Jan 21, 2026): I am having the same issue on my Redmi phone
GiteaMirror commented 2026-04-23 18:14:37 -05:00
Author
Owner
Copy Link

@TimNekk commented on GitHub (Mar 8, 2026):

Same issue on OnePlus 15

<!-- gh-comment-id:4019148290 --> @TimNekk commented on GitHub (Mar 8, 2026): Same issue on OnePlus 15
GiteaMirror commented 2026-04-23 18:14:37 -05:00
Author
Owner
Copy Link

@pamperer562580892423 commented on GitHub (Mar 8, 2026):

@WilliamWsyHK @wy16W2pIilK1xgqN @TimNekk It could be helpful for tracking that bug, if you added your app/device details (i.e. copy & paste the following in here: BW app --> Settings --> About --> Version).

<!-- gh-comment-id:4019203704 --> @pamperer562580892423 commented on GitHub (Mar 8, 2026): @WilliamWsyHK @wy16W2pIilK1xgqN @TimNekk It could be helpful for tracking that bug, if you added your app/device details (i.e. copy & paste the following in here: BW app --> Settings --> About --> Version).
GiteaMirror commented 2026-04-23 18:14:38 -05:00
Author
Owner
Copy Link

@TimNekk commented on GitHub (Mar 8, 2026):

@WilliamWsyHK @wy16W2pIilK1xgqN @TimNekk It could be helpful for tracking that bug, if you added your app/device details (i.e. copy & paste the following in here: BW app --> Settings --> About --> Version).

© Bitwarden Inc. 2015-2026

Version: 2026.2.0 (21203)
📱 OnePlus CPH2747 🤖 16@36 📦 prod -fdroid
🧱 commit: bitwarden/android/release/2026.2-rc46@cbe13d2015f97955de1e0f11a229330ddd4654c0
💻 build source: bitwarden/android/actions/runs/21762978463/attempts/1
🦀 SDK: 2.0.0-4872-065ef30b
🌩 Server: 2026.2.1 @ US

<!-- gh-comment-id:4019243281 --> @TimNekk commented on GitHub (Mar 8, 2026): > [@WilliamWsyHK](https://github.com/WilliamWsyHK) [@wy16W2pIilK1xgqN](https://github.com/wy16W2pIilK1xgqN) [@TimNekk](https://github.com/TimNekk) It could be helpful for tracking that bug, if you added your app/device details (i.e. copy & paste the following in here: BW app --> Settings --> About --> Version). © Bitwarden Inc. 2015-2026 Version: 2026.2.0 (21203) 📱 OnePlus CPH2747 🤖 16@36 📦 prod -fdroid 🧱 commit: bitwarden/android/release/2026.2-rc46@cbe13d2015f97955de1e0f11a229330ddd4654c0 💻 build source: bitwarden/android/actions/runs/21762978463/attempts/1 🦀 SDK: 2.0.0-4872-065ef30b 🌩 Server: 2026.2.1 @ US
GiteaMirror commented 2026-04-23 18:14:39 -05:00
Author
Owner
Copy Link

@WilliamWsyHK commented on GitHub (Mar 8, 2026):

Same as TimNekk, just different device.

© Bitwarden Inc. 2015-2026

Version: 2026.2.0 (21203)
📱 OnePlus PLR110 🤖 16@36 📦 prod
🧱 commit: bitwarden/android/release/2026.2-rc46@cbe13d2015f97955de1e0f11a229330ddd4654c0
💻 build source: bitwarden/android/actions/runs/21762978463/attempts/1
🦀 SDK: 2.0.0-4872-065ef30b
🌩 Server: 2026.2.1 @ US

<!-- gh-comment-id:4019489114 --> @WilliamWsyHK commented on GitHub (Mar 8, 2026): Same as TimNekk, just different device. © Bitwarden Inc. 2015-2026 Version: 2026.2.0 (21203) 📱 OnePlus PLR110 🤖 16@36 📦 prod 🧱 commit: bitwarden/android/release/2026.2-rc46@cbe13d2015f97955de1e0f11a229330ddd4654c0 💻 build source: bitwarden/android/actions/runs/21762978463/attempts/1 🦀 SDK: 2.0.0-4872-065ef30b 🌩 Server: 2026.2.1 @ US
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label app:password-manager bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#39389
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?