mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-07-16 08:54:01 -05:00
[GH-ISSUE #3394] Request guard KnownDevice failed: "X-Request-Email value failed to decode as base64url"
#34503
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @NoseyNick on GitHub (Mar 30, 2023).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/3394
Subject of the issue
Request guard
KnownDevicefailed: "X-Request-Email value failed to decode as base64url".Web vault works fine (2023.3.0)
Android app (2023.3.2 - latest?) gives "we were unable to process your request, please try again or contact us".
Firefox addon (2023.3.0 - latest? but also 2023.2.1 before that) gives whirly wait-spinner thing.
... but only for ONE USER. Six other users work fine. Log says:
Deployment environment
Your environment (Generated via diagnostics page)
Config (Generated via diagnostics page)
Show Running Config
Environment settings which are overridden:
It's not "running under docker" as such, but it IS running the docker image - vaultwarden/server:alpine - 2023.3.0 - under runc. Essentially exactly the same as running under Podman. A lot like docker but with less bloat.
Clients used: Web vault works fine (2023.3.0)
Android app (2023.3.2 - latest?) gives "we were unable to process your request, please try again or contact us".
Firefox addon (2023.3.0 - latest? but also 2023.2.1 before that)
Reverse proxy and version: Apache
Other relevant details:
Steps to reproduce
Honestly not sure what's so "special" about this one particular user 😐
Expected behaviour
Log in?
Actual behaviour
Above error on android. Whirly wait-pointer on firefox plugin.
Troubleshooting data
@NoseyNick commented on GitHub (Mar 30, 2023):
If I sniff the traffic on the unencrypted side, INSIDE Apache...
I don't have permission to share the user's email address, but the header it's complaining about is a lot like...
Where is is indeed arguably not valid base64 UNTIL you add the
==on the end, then it decodes (user@domain.fictabove)... Which is not unusual for HTTP transfer like this? It's also working fine for 6 other users, one of whom has an email address of the same length 😕@tessus commented on GitHub (Mar 30, 2023):
fixed 3 days ago.
see
62cebebd3d@NoseyNick commented on GitHub (Mar 30, 2023):
Wait... has that made it into
vaultwarden/server:alpineyet, or am I waiting for a docker image to be spun? 🤔@tessus commented on GitHub (Mar 30, 2023):
it should be in the testing image
@NoseyNick commented on GitHub (Mar 30, 2023):
Is there such a thing as an
alpine-testingfor the slimmed down version? I'll give it a go@NoseyNick commented on GitHub (Mar 30, 2023):
Found
vaultwarden/server:testing-alpineand...... and asks for master password, and syncs fine 😀
Splendiiiiid, will stick on
testing-alpineuntil I see the next real release then.Many thanks @tessus !
Duplicates #3375 - apologies! 🙈
@tessus commented on GitHub (Mar 30, 2023):
You are welcome
@NoseyNick commented on GitHub (Mar 30, 2023):
Would vote for a full release though. I assume almost 2/3rds of Android users and 2/3rds of browser plugin users are broken right now? Some may not know it until they next need to log in?
@stefan0xC commented on GitHub (Mar 30, 2023):
@dani-garcia I think it would make sense to make a hot fix release (once #3390 has been merged).
@BlackDex commented on GitHub (Mar 30, 2023):
We want to wait for more issues to be reported on other items. We already had one other besides this one. Both are fixed. But yea, a .1 release is probably a good thing