U2F Chrome extension #3781

New Issue

Closed

opened 2026-03-07 19:11:30 -06:00 by GiteaMirror · 4 comments

GiteaMirror commented 2026-03-07 19:11:30 -06:00

Owner

Copy Link

Originally created by @dheimerl on GitHub (Nov 27, 2018).

I have U2F working, when I log into the web vault, it prompts me to insert my U2F key and press the button. When I try to log into the Chrome extension, it never prompts for the U2F key and in the console error logs in Chrome, I get this message

Refused to display 'https://bw.unitelinc.com:6443/u2f-connector.html?data=eyJhcHBJZCI6Imh0dHBzOi8vYncudW5pdGVsaW5jLmNvbTo2NDQzL2FwcC1pZC5qc29uIiwiY2hhbGxlbmdlIjoiVG1aR2FFVldMemswTURjNGJIVTRjalY1TkhOYWEzWTBjMHh1UWxvMmQxRXJlRkZTV1dsRlptbFViejA9Iiwia2V5cyI6W3sidmVyc2lvbiI6IlUyRl9WMiIsImtleUhhbmRsZSI6IkFUcm1sYjJha1FJTE16VmRZNFozZWxnVzA2amgtcGlxcFJTYWxibGZVRnFuVWN1dGFvUHZROGV6XzVQcDEzNmF3MGozc0pkSDdLVW5DelFiQW4wdmZ0NUtXWksyaWlONVpGZ3dZQlcwdVV5Z1MtTElYNFUzY3F6a194QVI2R2RqIn1dfQ==&parent=chrome-extension%3A%2F%2Fnngceckbapebfimnlniiiahkandclblb%2Fpopup%2Findex.html%23%2F2fa&v=1' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Any ideas? I'm running the latest bitwarden_rs docker image, just pulled it this afternoon.

Originally created by @dheimerl on GitHub (Nov 27, 2018). I have U2F working, when I log into the web vault, it prompts me to insert my U2F key and press the button. When I try to log into the Chrome extension, it never prompts for the U2F key and in the console error logs in Chrome, I get this message `Refused to display 'https://bw.unitelinc.com:6443/u2f-connector.html?data=eyJhcHBJZCI6Imh0dHBzOi8vYncudW5pdGVsaW5jLmNvbTo2NDQzL2FwcC1pZC5qc29uIiwiY2hhbGxlbmdlIjoiVG1aR2FFVldMemswTURjNGJIVTRjalY1TkhOYWEzWTBjMHh1UWxvMmQxRXJlRkZTV1dsRlptbFViejA9Iiwia2V5cyI6W3sidmVyc2lvbiI6IlUyRl9WMiIsImtleUhhbmRsZSI6IkFUcm1sYjJha1FJTE16VmRZNFozZWxnVzA2amgtcGlxcFJTYWxibGZVRnFuVWN1dGFvUHZROGV6XzVQcDEzNmF3MGozc0pkSDdLVW5DelFiQW4wdmZ0NUtXWksyaWlONVpGZ3dZQlcwdVV5Z1MtTElYNFUzY3F6a194QVI2R2RqIn1dfQ==&parent=chrome-extension%3A%2F%2Fnngceckbapebfimnlniiiahkandclblb%2Fpopup%2Findex.html%23%2F2fa&v=1' in a frame because it set 'X-Frame-Options' to 'sameorigin'.` Any ideas? I'm running the latest bitwarden_rs docker image, just pulled it this afternoon.

GiteaMirror closed this issue 2026-03-07 19:11:30 -06:00

GiteaMirror commented 2026-03-07 19:11:31 -06:00

Author

Owner

Copy Link

@dani-garcia commented on GitHub (Nov 27, 2018):

Something like this already ocurred to someone else, I think the solution was making some changes to the content security policy, but I can't find the comment right now. I'll see if I can find it later.

@dani-garcia commented on GitHub (Nov 27, 2018): Something like this already ocurred to someone else, I think the solution was making some changes to the content security policy, but I can't find the comment right now. I'll see if I can find it later.

GiteaMirror commented 2026-03-07 19:11:31 -06:00

Author

Owner

Copy Link

@fbartels commented on GitHub (Nov 27, 2018):

I was about to write the same. Are you running bitwarden_rs through a reverse proxy? Such errors usually appears when embedding sites in an iframe.

@fbartels commented on GitHub (Nov 27, 2018): I was about to write the same. Are you running bitwarden_rs through a reverse proxy? Such errors usually appears when embedding sites in an iframe.

GiteaMirror commented 2026-03-07 19:11:31 -06:00

Author

Owner

Copy Link

@fbartels commented on GitHub (Nov 28, 2018):

https://github.com/dani-garcia/bitwarden_rs/issues/44 is likely the ticket @dani-garcia had in mind. I initially read it wrong thinking you were trying to use the u2f token in the web vault directly, but you already said you were using the chrome extension.

@fbartels commented on GitHub (Nov 28, 2018): https://github.com/dani-garcia/bitwarden_rs/issues/44 is likely the ticket @dani-garcia had in mind. I initially read it wrong thinking you were trying to use the u2f token in the web vault directly, but you already said you were using the chrome extension.

GiteaMirror commented 2026-03-07 19:11:32 -06:00

Author

Owner

Copy Link

@dani-garcia commented on GitHub (Dec 18, 2018):

This has been fixed by #293.

@dani-garcia commented on GitHub (Dec 18, 2018): This has been fixed by #293.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#3781