github/vaultwarden
1
1
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-04-05 20:31:58 +02:00
Code Issues 48 Packages Projects Releases Wiki Activity

FIDO2 WebAuthn frame no longer loads in Web Vault #1949

New Issue
Closed
opened 2026-04-06 02:41:44 +02:00 by MrUnknownDE · 0 comments
MrUnknownDE commented 2026-04-06 02:41:44 +02:00
Owner
Copy Link

Originally created by @ducmthai on 10/19/2022

FIDO2 WebAuthn prompt frame does not load

The iframe is saying my-selfhost-vault.com refused to connect. my-selfhost-vault.com is served through Cloudflare

Deployment environment

  • vaultwarden version: 1.26-alpine

  • Install method: docker

  • Clients used: web vault

  • Reverse proxy and version: nginx 1.18

  • MySQL/MariaDB or PostgreSQL version: N/A

  • Other relevant details: Cloudflare -> nginx -> vaultwarden docker

Steps to reproduce

Setup a Yubikey as FIDO2 WebAuthn 2fa, then login via webvault

Expected behaviour

The FIDO2 WebAuthn page should prompt for a toutch/tap the security key.

Actual behaviour

The iframe where /images/u2fkey.webp is usually showed just says my-selfhost-vault.com refused to connect.

Troubleshooting data

1.25.0-alpine works with /webauthn-connector.html?data=<token> has x-frame-options: SAMEORIGIN in its response header. 1.26.0-alpine does not have this header.

1.26.0

1 26 0

1.25.0

1 25 0

*Originally created by @ducmthai on 10/19/2022* <!-- # ### NOTE: Please update to the latest version of vaultwarden before reporting an issue! This saves you and us a lot of time and troubleshooting. See: * https://github.com/dani-garcia/vaultwarden/issues/1180 * https://github.com/dani-garcia/vaultwarden/wiki/Updating-the-vaultwarden-image # ### --> <!-- Please fill out the following template to make solving your problem easier and faster for us. This is only a guideline. If you think that parts are unnecessary for your issue, feel free to remove them. Remember to hide/redact personal or confidential information, such as passwords, IP addresses, and DNS names as appropriate. --> ### FIDO2 WebAuthn prompt frame does not load The iframe is saying `my-selfhost-vault.com` refused to connect. `my-selfhost-vault.com` is served through Cloudflare ### Deployment environment <!-- ========================================================================================= Preferably, use the `Generate Support String` button on the admin page's Diagnostics tab. That will auto-generate most of the info requested in this section. ========================================================================================= --> <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * vaultwarden version: 1.26-alpine <!-- How the server was installed: Docker image, OS package, built from source, etc. --> * Install method: docker * Clients used: web vault * Reverse proxy and version: nginx 1.18 * MySQL/MariaDB or PostgreSQL version: N/A * Other relevant details: Cloudflare -> nginx -> vaultwarden docker ### Steps to reproduce Setup a Yubikey as FIDO2 WebAuthn 2fa, then login via webvault ### Expected behaviour The FIDO2 WebAuthn page should prompt for a toutch/tap the security key. ### Actual behaviour The iframe where `/images/u2fkey.webp` is usually showed just says `my-selfhost-vault.com` refused to connect. ### Troubleshooting data `1.25.0-alpine` works with `/webauthn-connector.html?data=<token>` has `x-frame-options: SAMEORIGIN` in its response header. `1.26.0-alpine` does not have this header. ### 1.26.0 ![1 26 0](https://user-images.githubusercontent.com/13193688/196568071-399adf9e-cbf9-4415-96e5-c5636432c573.png) ### 1.25.0 ![1 25 0](https://user-images.githubusercontent.com/13193688/196568077-817da357-a88e-46f2-9022-18cdc64efb53.png)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
SSO
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
Third party
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
better for forum
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
bug
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
dependencies
documentation
documentation
documentation
documentation
documentation
duplicate
duplicate
duplicate
duplicate
duplicate
duplicate
duplicate
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
enhancement
future Vault
future Vault
future Vault
future Vault
future Vault
future Vault
future Vault
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
good first issue
hacktoberfest-accepted
hacktoberfest-accepted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
help wanted
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
low priority
notes
notes
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
question
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
troubleshooting
wontfix
wontfix
wontfix
wontfix
wontfix
wontfix
wontfix
wontfix
wontfix
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
MrUnknownDE
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github/vaultwarden#1949
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?