Mysterious Webauth issue solved #3708
NeoLizzard
started this conversation in
Ideas
Greetings,
I have now sacrificed a couple of hours checking on a very strange problem, just figured it out, and wanted to share my finding.
I have a private instance of vaultwarden and set up another one in a bigger environment.
I moved my configuration (all tested and working) into the new one, and everything was fine as well... except webauth with YubiKey.
For whatever reason I kept getting the information that, based on CSP (sameorigin), the auth process was blocked from loading.
Browser vault was working, at home it was working, but in the new environment it was not (on the clients' desktop app). And I just couldn't wrap my head around why.
Then I noticed that in that environment (not set up by me, except for the vaultwarden server) the clients who connected had not been getting the Bitwarden client from the Bitwarden website; instead they had been using the Windows Store one...
While doing my research I learned that vaultwarden handles its CSP by itself, including the "frame-ancestors" ones, which can be found here: https://github.com/dani-garcia/vaultwarden/blob/main/src/util.rs starting at line 68:
And this is where it hit me like a truck... "Could it be that the Windows Store version of the Bitwarden client is doing something different than the native client? Or maybe the CSP settings are not handling something specific to the MS Store version of the client?"
I uninstalled the MS Store version of Bitwarden and installed the native one... And suddenly the webauth and everything else was working like a charm!?
Maybe this insight may help somebody - stay awesome folks
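To check whether a given client origin is covered by a server's `frame-ancestors` list, as in the situation described in the post, here is an added example that is not part of the original post and not vaultwarden's code. The header value and the `app-a://` / `app-b://` origins are constructed placeholders, and matching is simplified (ports and paths are ignored).

```python
from urllib.parse import urlsplit

# Constructed sample header, not vaultwarden's real value.
SAMPLE_CSP = ("default-src 'self'; "
              "frame-ancestors 'self' https://vault.example.test app-a://packaged-client")

def frame_ancestors(csp_header):
    """Return the frame-ancestors source list, or None if the directive is absent."""
    for directive in csp_header.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return parts[1:]
    return None

def _host_matches(pattern, host):
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])  # "*.example.com" covers subdomains only
    return pattern == host

def framing_allowed(csp_header, ancestor_origin, self_origin):
    """Simplified frame-ancestors check for one embedding (ancestor) origin."""
    sources = frame_ancestors(csp_header)
    if sources is None:
        return True                      # no directive: CSP does not limit framing
    anc = urlsplit(ancestor_origin)
    self_scheme = urlsplit(self_origin).scheme
    for src in sources:                  # an empty list behaves like 'none'
        low = src.lower()
        if low == "'none'":
            return False
        if low == "'self'":
            if ancestor_origin.lower() == self_origin.lower():
                return True
        elif low == "*":
            if anc.scheme in ("http", "https"):
                return True              # "*" does not cover custom app schemes
        elif low.endswith(":") and "/" not in low:
            if anc.scheme == low[:-1]:
                return True              # scheme-source such as "https:"
        else:
            pat = urlsplit(low if "://" in low else "//" + low)
            want = pat.scheme or self_scheme   # bare host: same scheme as the server
            if want == anc.scheme and _host_matches(pat.hostname or "", anc.hostname or ""):
                return True
    return False
```

A client whose embedding origin uses a scheme that is not explicitly listed is refused even when the list contains `*`, which is why two builds of the same client can behave differently against one server.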