This is not a recognized Bitwarden server. You may need to check with your provider or update your server. #2172

Closed
opened 2025-11-07 07:36:05 -06:00 by GiteaMirror · 7 comments

Originally created by @JIFVGWHvAseSovQ on GitHub (Feb 3, 2025).

Vaultwarden Support String

Vaultwarden Build Version

v1.33.0

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

freenginx1.27.4

Host/Server Operating System

Linux

Operating System Version

debian:bookworm

Clients

Android

Client Version

2015.1.1

Steps To Reproduce

The old version 2024.6.0 allows for successful login. However, after upgrading from version 2024.6.0 to the latest version, password vault synchronization works fine, but logging out prevents re-login.

Expected Result

It is possible to log in successfully on the Android side.

Actual Result

https://i.postimg.cc/d0dTVx0y/IMG-20250203-131536.jpg

Logs

[2025-02-03 05:38:23.557][request][INFO] GET /api/devices/knowndevice
[2025-02-03 05:38:23.560][response][INFO] (get_known_device) GET /api/devices/knowndevice => 200 OK
[2025-02-03 05:38:26.921][request][INFO] POST /identity/accounts/prelogin
[2025-02-03 05:38:26.923][response][INFO] (prelogin) POST /identity/accounts/prelogin => 200 OK
[2025-02-03 05:38:40.638][request][INFO] POST /identity/connect/token
[2025-02-03 05:38:52.023][error][ERROR] 2FA token not provided
[2025-02-03 05:38:52.024][response][INFO] (login) POST /identity/connect/token => 400 Bad Request

Screenshots or Videos

https://i.postimg.cc/d0dTVx0y/IMG-20250203-131536.jpg

https://i.postimg.cc/7YfhLWsZ/Snipaste-2025-02-03-13-51-33.png

https://i.postimg.cc/bvG9Hgwy/Snipaste-2025-02-03-13-33-48.png


Additional Context

The Edge extension works normally on the Windows side, but there is an issue with logging in on the Android side.

GiteaMirror added the bug label 2025-11-07 07:36:05 -06:00

@BlackDex commented on GitHub (Feb 3, 2025):

Please provide the support string as requested.
My guess is that your reverse proxy is modifying the responses.


@JIFVGWHvAseSovQ commented on GitHub (Feb 3, 2025):

{
  "domain": "xxxxxxxxxxxx",
  "sends_allowed": false,
  "incomplete_2fa_time_limit": 3,
  "disable_icon_download": false,
  "signups_allowed": false,
  "signups_verify": true,
  "signups_verify_resend_time": 300,
  "signups_verify_resend_limit": 2,
  "signups_domains_whitelist": "xxxxxxxxxxxx",
  "invitations_allowed": false,
  "emergency_access_allowed": true,
  "email_change_allowed": true,
  "password_iterations": 500000000,
  "password_hints_allowed": false,
  "show_password_hint": false,
  "admin_token": "xxxxxxxxxxxx",
  "invitation_org_name": "xxxxxxxxxxxx",
  "ip_header": "X-Real-IP",
  "icon_redirect_code": 302,
  "icon_cache_ttl": 2592000,
  "icon_cache_negttl": 259200,
  "icon_download_timeout": 10,
  "http_request_block_non_global_ips": true,
  "disable_2fa_remember": true,
  "authenticator_disable_time_drift": true,
  "require_device_email": true,
  "reload_templates": true,
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "admin_session_lifetime": 20,
  "increase_note_size_limit": false,
  "_enable_yubico": true,
  "_enable_duo": true,
  "_enable_smtp": true,
  "use_sendmail": false,
  "smtp_host": "xxxxxxxxxxxx",
  "smtp_security": "force_tls",
  "smtp_port": 465,
  "smtp_from": "xxxxxxxxxxxx",
  "smtp_from_name": "Hatchback",
  "smtp_username": "xxxxxxxxxxxx",
  "smtp_password": "xxxxxxxxxxxx",
  "smtp_auth_mechanism": "login",
  "smtp_timeout": 15,
  "smtp_embed_images": true,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "_enable_email_2fa": true,
  "email_token_size": 6,
  "email_expiration_time": 300,
  "email_attempts_limit": 3,
  "email_2fa_enforce_on_verified_invite": false,
  "email_2fa_auto_fallback": false
}

@BlackDex commented on GitHub (Feb 3, 2025):

I'm missing an important part of the string.
Just paste everything it generates


@JIFVGWHvAseSovQ commented on GitHub (Feb 3, 2025):

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.33.0
  • Web-vault version: v2025.1.1
  • OS/Arch: linux/x86_64
  • Running within a container: true (Base: Debian)
  • Database type: SQLite
  • Database version: 3.46.0
  • Environment settings overridden!: true
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Websocket Check: true
  • HTTP Response Checks: false

Config & Details (Generated via diagnostics page)


Environment settings which are overridden: INVITATIONS_ALLOWED, EMAIL_CHANGE_ALLOWED, PASSWORD_HINTS_ALLOWED, SHOW_PASSWORD_HINT, DISABLE_2FA_REMEMBER, AUTHENTICATOR_DISABLE_TIME_DRIFT, REQUIRE_DEVICE_EMAIL, LOG_TIMESTAMP_FORMAT, SMTP_TIMEOUT, EMAIL_2FA_AUTO_FALLBACK

Failed HTTP Checks:

2FA Connector calls:
Header: 'x-frame-options' is present while it should not
Header: 'content-security-policy' is present while it should not
HTTP error responses:
Response to: 404 (Not Found) HTML is invalid

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": true,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": true,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://*******************************",
  "domain_origin": "*****://*******************************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 300,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": true,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "extension-refresh,ssh-key-vault-item,ssh-agent,autofill-v2,autofill-overlay",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Hatchback",
  "invitations_allowed": false,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "data/vault.log",
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": false,
  "password_iterations": 20000000,
  "push_enabled": true,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://api.bitwarden.com",
  "reload_templates": true,
  "require_device_email": true,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": false,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "*****************",
  "signups_verify": true,
  "signups_verify_resend_limit": 2,
  "signups_verify_resend_time": 300,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "login",
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "**************************",
  "smtp_from_name": "Hatchback",
  "smtp_host": "************",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_security": "force_tls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "**************************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": true,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": false,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

@JIFVGWHvAseSovQ commented on GitHub (Feb 3, 2025):

add_header X-Frame-Options "DENY" always;
add_header Content-Security-Policy "manifest-src 'self'; connect-src 'self'; frame-ancestors 'self'; child-src 'self'; frame-ancestors 'self'; font-src 'self'; block-all-mixed-content 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;" always;

@aeoneros commented on GitHub (Feb 3, 2025):

Hey guys, having the same Issue :)
Just updated from 1.32.7 to 1.33.0

https://i.imgur.com/FplMJGf.png
https://i.imgur.com/nu1TwqG.png

Hope this helps.

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.33.0
  • Web-vault version: v2025.1.1
  • OS/Arch: linux/x86_64
  • Running within a container: true (Base: Debian)
  • Database type: SQLite
  • Database version: 3.46.0
  • Environment settings overridden!: true
  • Uses a reverse proxy: false
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Websocket Check: true
  • HTTP Response Checks: false

Config & Details (Generated via diagnostics page)


Environment settings which are overridden: DOMAIN, SENDS_ALLOWED, SIGNUPS_ALLOWED, SIGNUPS_VERIFY, SIGNUPS_VERIFY_RESEND_TIME, SIGNUPS_VERIFY_RESEND_LIMIT, SIGNUPS_DOMAINS_WHITELIST, INVITATIONS_ALLOWED, EMERGENCY_ACCESS_ALLOWED, SHOW_PASSWORD_HINT, ADMIN_TOKEN, INVITATION_ORG_NAME, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, SMTP_FROM_NAME, SMTP_USERNAME, SMTP_PASSWORD, SMTP_AUTH_MECHANISM, SMTP_TIMEOUT

Failed HTTP Checks:

2FA Connector calls:
Header: 'cross-origin-resource-policy' is missing!

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://***************************",
  "domain_origin": "*****://***************************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": false,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "HomeVault",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "/data/vaultwarden.log",
  "log_level": "info",
  "log_timestamp_format": "%d-%m-%Y %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": 5120000,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": true,
  "signups_allowed": false,
  "signups_domains_whitelist": "*************",
  "signups_verify": true,
  "signups_verify_resend_limit": 3,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "Login",
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*************************",
  "smtp_from_name": "XXXX",
  "smtp_host": "******************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 30,
  "smtp_username": "*************************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": 60,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": 512000,
  "user_send_limit": 1000000,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

@BlackDex commented on GitHub (Feb 3, 2025):

You need to let Vaultwarden handle the headers and not your reverse proxy.

Same for catching error pages, that should not be done. All those pages need to be unmodified
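
Added example (not part of the original thread and not Vaultwarden project code): a small Python lint for the situation described above, where the reverse proxy sets `X-Frame-Options` and `Content-Security-Policy` itself or replaces error pages. The two `add_header` lines in the sample are the ones posted in the thread; the server name, upstream address and the `error_page` / `proxy_intercept_errors` lines are constructed assumptions.

```python
# Added example: lint an nginx config for the proxy-side overrides this thread
# identifies. Not Vaultwarden code; the sample config is partly constructed.

# Headers the diagnostics output in the thread reports as present on the
# 2FA connector responses "while it should not" be.
PROXY_SET_HEADERS = {"x-frame-options", "content-security-policy"}


def directives(conf):
    """Split nginx config text into (line_no, words) directives.

    Quotes are honoured, so a ';' inside a quoted value (every CSP string has
    them) does not end the directive. '#' outside a word starts a comment.
    Backslash escapes and include files are not handled.
    """
    out, words, cur, quote, in_comment = [], [], None, None, False
    line = start = 1
    for ch in conf:
        if in_comment:
            in_comment = ch != "\n"
        elif quote:
            if ch == quote:
                quote = None
            else:
                cur += ch
        elif ch in "\"'":
            quote, cur = ch, cur or ""
        elif ch == "#" and cur is None:
            in_comment = True
        elif ch.isspace() or ch in ";{}":
            if cur is not None:
                words.append(cur)
                cur = None
            if ch in ";{}":
                if words:
                    out.append((start, words))
                words = []
        else:
            if cur is None and not words:
                start = line  # first character of a new directive
            cur = (cur or "") + ch
        if ch == "\n":
            line += 1
    return out


def audit(conf, headers=PROXY_SET_HEADERS):
    """Return (line_no, kind, detail) for each directive that overrides what
    the upstream sends: listed headers set by the proxy, or replaced error pages."""
    findings = []
    for line_no, words in directives(conf):
        name, args = words[0].lower(), words[1:]
        if name == "add_header" and args and args[0].lower() in headers:
            findings.append((line_no, "header", args[0].lower()))
        elif name == "error_page":
            findings.append((line_no, "error-page", " ".join(words)))
        elif name == "proxy_intercept_errors" and args[:1] == ["on"]:
            findings.append((line_no, "error-page", " ".join(words)))
    return findings


# Constructed sample. Only the two active add_header lines come from the thread;
# host name, upstream address and the error-page directives are assumptions.
SAMPLE_CONF = """
server {
    server_name vault.example.test;  # placeholder host (constructed)
    # add_header X-Frame-Options "SAMEORIGIN";  (commented out, ignored)
    add_header X-Frame-Options "DENY" always;
    add_header Content-Security-Policy "manifest-src 'self'; connect-src 'self'; frame-ancestors 'self'; child-src 'self'; frame-ancestors 'self'; font-src 'self'; block-all-mixed-content 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;" always;
    proxy_intercept_errors on;
    error_page 404 /404.html;
    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://127.0.0.1:8080;
    }
}
"""

if __name__ == "__main__":
    for line_no, kind, detail in audit(SAMPLE_CONF):
        print(f"line {line_no}: [{kind}] {detail}")
```

Line numbers in the findings are relative to the text passed in, so run it over the output of `nginx -T` or a single config file to locate the directives to remove.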

Reference: github-starred/vaultwarden#2172