[GH-ISSUE #2506] Some image links are broken when using a base directory other than the server root #38530

Closed
opened 2026-07-17 04:27:47 -05:00 by GiteaMirror · 5 comments
Owner

Originally created by @rohanshekhar on GitHub (May 28, 2022).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/2506

Subject of the issue

Image reference "totp-countdown.png" is broken when DOMAIN base directory is set to something other than the root directory.

Deployment environment

  • vaultwarden version: latest
  • Install method: Docker Image

  • Clients used: Desktop

  • Reverse proxy and version: Nginx

  • Other relevant details:

Steps to reproduce

Log into the web interface and open any saved password.

Expected behaviour

The image totp-countdown.png to the right of the Authenticator Key field should be displayed.
image

Actual behaviour

The image reference is broken. When inspecting the element, it shows a relative path "../../images/totp-countdown.png" which moves it to a top-level directory above the bitwarden base directory (which in my case has the structure https://example.com/bitwarden/).

Troubleshooting data

The image seems to be referenced somewhere inside the angular app. Tried to rewrite "../../images/" to "./images" using the http sub module in Nginx but it seems not to modify the resulting HTML. As a workaround, I've used an ugly hack to rewrite /images/ to /bitwarden/images but this makes the subfolder unavailable to other docker containers.

Originally created by @rohanshekhar on GitHub (May 28, 2022). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/2506 <!-- # ### NOTE: Please update to the latest version of vaultwarden before reporting an issue! This saves you and us a lot of time and troubleshooting. See: * https://github.com/dani-garcia/vaultwarden/issues/1180 * https://github.com/dani-garcia/vaultwarden/wiki/Updating-the-vaultwarden-image # ### --> <!-- Please fill out the following template to make solving your problem easier and faster for us. This is only a guideline. If you think that parts are unnecessary for your issue, feel free to remove them. Remember to hide/redact personal or confidential information, such as passwords, IP addresses, and DNS names as appropriate. --> ### Subject of the issue Image reference "totp-countdown.png" is broken when DOMAIN base directory is set to something other than the root directory. ### Deployment environment <!-- ========================================================================================= Preferably, use the `Generate Support String` button on the admin page's Diagnostics tab. That will auto-generate most of the info requested in this section. ========================================================================================= --> <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * vaultwarden version: latest <!-- How the server was installed: Docker image, OS package, built from source, etc. --> * Install method: Docker Image * Clients used: Desktop * Reverse proxy and version: Nginx * Other relevant details: ### Steps to reproduce Log into the web interface and open any saved password. ### Expected behaviour The image totp-countdown.png to the right of the Authenticator Key field should be displayed. <img width="559" alt="image" src="https://user-images.githubusercontent.com/29293499/170811295-2bb54306-a397-4978-9106-ceba815f05dc.png"> ### Actual behaviour The image reference is broken. When inspecting the element, it shows a relative path "../../images/totp-countdown.png" which moves it to a top-level directory above the bitwarden base directory (which in my case has the structure https://example.com/bitwarden/). ### Troubleshooting data The image seems to be referenced somewhere inside the angular app. Tried to rewrite "../../images/" to "./images" using the http sub module in Nginx but it seems not to modify the resulting HTML. As a workaround, I've used an ugly hack to rewrite /images/ to /bitwarden/images but this makes the subfolder unavailable to other docker containers.
Author
Owner

@BlackDex commented on GitHub (May 28, 2022):

Please provide the support string you can generate via the admin interface.

<!-- gh-comment-id:1140190307 --> @BlackDex commented on GitHub (May 28, 2022): Please provide the support string you can generate via the admin interface.
Author
Owner

@rohanshekhar commented on GitHub (May 28, 2022):

@BlackDex please see support string below:

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.25.0
  • Web-vault version: v2.28.1
  • Running within Docker: true (Base: Debian)
  • Environment settings overridden: false
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.35.4
  • Clients used:
  • Reverse proxy and version:
  • Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden:

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_ip_header_enabled": true,
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://*****.***************.***/*********",
  "domain_origin": "*****://*****.***************.***",
  "domain_path": "/*********",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 5 * * * *",
  "emergency_request_timeout_schedule": "0 5 * * * *",
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_explicit_tls": null,
  "smtp_from": "",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": null,
  "smtp_password": null,
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": true,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}
<!-- gh-comment-id:1140199550 --> @rohanshekhar commented on GitHub (May 28, 2022): @BlackDex please see support string below: ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.25.0 * Web-vault version: v2.28.1 * Running within Docker: true (Base: Debian) * Environment settings overridden: false * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.35.4 * Clients used: * Reverse proxy and version: * Other relevant information: ### Config (Generated via diagnostics page) <details><summary>Show Running Config</summary> **Environment settings which are overridden:** ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": true, "_ip_header_enabled": true, "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "****/**.*******", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://*****.***************.***/*********", "domain_origin": "*****://*****.***************.***", "domain_path": "/*********", "domain_set": true, "duo_host": null, "duo_ikey": null, "duo_skey": null, "email_attempts_limit": 3, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 5 * * * *", "emergency_request_timeout_schedule": "0 5 * * * *", "enable_db_wal": true, "extended_logging": true, "helo_name": null, "hibp_api_key": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "Info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "password_iterations": 100000, "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_explicit_tls": null, "smtp_from": "", "smtp_from_name": "Vaultwarden", "smtp_host": null, "smtp_password": null, "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": null, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_syslog": false, "user_attachment_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "websocket_address": "0.0.0.0", "websocket_enabled": true, "websocket_port": 3012, "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details>
Author
Owner

@BlackDex commented on GitHub (May 28, 2022):

That all looks ok. I would double check the reverse proxy config. Maybe there is a small miss configuration there.
https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples

Since, the base containers are just working fine and provide the images and stylesheets etc..

<!-- gh-comment-id:1140200412 --> @BlackDex commented on GitHub (May 28, 2022): That all looks ok. I would double check the reverse proxy config. Maybe there is a small miss configuration there. https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples Since, the base containers are just working fine and provide the images and stylesheets etc..
Author
Owner

@rohanshekhar commented on GitHub (May 28, 2022):

Thanks @BlackDex , I checked nginx subdirectory examples and my configuration is identical. It seems everything else works fine except for the image source for "totp-countdown.png". I know it's just cosmetic, but I'm fairly sure that the image url should not have two directory level-ups in it. I've inspected the element as shown below. Of course, "../../images/totp-countdown.png" will have no impact when vaultwarden runs on the server root, since you can only change directory a single level up before hitting root. However, when running vaultwarden in a subdirectory, it points to one level above that subdirectory, so the image cannot be found.

image
<!-- gh-comment-id:1140201925 --> @rohanshekhar commented on GitHub (May 28, 2022): Thanks @BlackDex , I checked nginx subdirectory examples and my configuration is identical. It seems everything else works fine except for the image source for "totp-countdown.png". I know it's just cosmetic, but I'm fairly sure that the image url should not have two directory level-ups in it. I've inspected the element as shown below. Of course, "../../images/totp-countdown.png" will have no impact when vaultwarden runs on the server root, since you can only change directory a single level up before hitting root. However, when running vaultwarden in a subdirectory, it points to one level above that subdirectory, so the image cannot be found. <img width="1139" alt="image" src="https://user-images.githubusercontent.com/29293499/170816570-709dd32e-23d3-4a58-8112-92ee288b2ff4.png">
Author
Owner

@BlackDex commented on GitHub (May 28, 2022):

I'm afraid that isn't something we can fix on our side that easily.
We probably need to check the upstream code from Bitwarden and fix it there.

<!-- gh-comment-id:1140210355 --> @BlackDex commented on GitHub (May 28, 2022): I'm afraid that isn't something we can fix on our side that easily. We probably need to check the upstream code from Bitwarden and fix it there.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#38530