[GH-ISSUE #2128] Cannot save new passwords in browser extension, instant Session Expired on save #1163

New issue

Closed

opened 2026-03-03 02:06:46 +03:00 by kerem · 2 comments

kerem commented 2026-03-03 02:06:46 +03:00

Owner

Copy link

Originally created by @aleksandarmomic on GitHub (Dec 3, 2021).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/2128

Subject of the issue

When I want to save something through the extension, I get an instant Session Expired message.
Sync works without issues, it's just saving data that doesn't.
I also use the Android app and it works fine both with sync and saving entries.

Extension version: 1.54.0
Browser: Firefox 94.0.2 (64-bit)

Tried in edge, also doesn't work.

Deployment environment

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.23.0
• Web-vault version: v2.23.0c
• Running within Docker: true (Base: Debian)
• Environment settings overridden: true
• Uses a reverse proxy: true
• IP Header check: true (X-Real-IP)
• Internet access: true
• Internet access via a proxy: false
• DNS Check: true
• Time Check: true
• Domain Configuration Check: true
• HTTPS Check: true
• Database type: SQLite
• Database version: 3.35.4
• Clients used: Firefox Extensions 1.54.0
• Reverse proxy and version: Traefik 2.5.4
• Other relevant information: Raspberry PI 4 (Raspberry PI OS 64bit, Bullseye)

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden: DOMAIN, USER_ATTACHMENT_LIMIT, ORG_ATTACHMENT_LIMIT, SIGNUPS_ALLOWED, ADMIN_TOKEN, SMTP_HOST, SMTP_SSL, SMTP_PORT, SMTP_FROM, SMTP_FROM_NAME, SMTP_PASSWORD

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_ip_header_enabled": true,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_max_conns": 10,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://*****.*****-******.***",
  "domain_origin": "*****://*****.*****-******.***",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 5 * * * *",
  "emergency_request_timeout_schedule": "0 5 * * * *",
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "org_attachment_limit": 5242880,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_explicit_tls": false,
  "smtp_from": "*****.**********@*****.***",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "****.*****.***",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_ssl": true,
  "smtp_timeout": 15,
  "smtp_username": "*****.**********@*****.***",
  "templates_folder": "data/templates",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": 1048576,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": true,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Steps to reproduce

• Login to extension
• Press on '+' icon
• Save any login information

Expected behaviour

Data saved successfully

Actual behaviour

Got Session Expired message and have to relogin to bitwarden. 2FA not asked again.

Troubleshooting data

Log entries when pressing Save:
[request][INFO] POST /api/ciphers
[auth][ERROR] Unauthorized Error: No access token provided
[response][INFO] POST /api/ciphers (post_ciphers) => 401 Unauthorized

Docker compose:

version: '3.4'

networks:
  web:
    external: true
services:
  vaultwarden:
    image: vaultwarden/server
    container_name: vaultwarden
    networks:
      - web
    environment:
      PUID: 1000
      PGID: 1000
      TZ: ${TIMEZONE:?err}
      WEBSOCKET_ENABLED: 'true'
      SIGNUPS_ALLOWED: 'false'
      ADMIN_TOKEN: '${BITWARDEN_ADMIN_TOKEN:?err}'
      DOMAIN: 'bitwarden.example.com'
      USER_ATTACHMENT_LIMIT: 1048576
      ORG_ATTACHMENT_LIMIT: 5242880
      SMTP_HOST: 'smtp.gmail.com'
      SMTP_FROM: 'redacted'
      SMTP_FROM_NAME: 'Vaultwarden'
      SMTP_PORT: '587'
      SMTP_SSL: 'true'
      SMTP_PASSWORD: '${VAULTWARDEN_SMTP_PASSWORD:?err}'
    volumes:
      - ${CONTAINERS_PATH:?err}/vaultwarden:/data
    labels:
      traefik.enable: 'true'
      traefik.http.routers.vault${TRAEFIK_PUBLIC_SERVICE_POSTFIX:?err}.entrypoints: '${TRAEFIK_HTTPS_ENTRYPOINT:?err}'
      traefik.http.routers.vault${TRAEFIK_PUBLIC_SERVICE_POSTFIX:?err}.rule: 'Host(`bitwarden.example.com`)'
      traefik.http.routers.vault${TRAEFIK_PUBLIC_SERVICE_POSTFIX:?err}.tls: 'true'
    restart: always

Originally created by @aleksandarmomic on GitHub (Dec 3, 2021). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/2128 ### Subject of the issue When I want to save something through the extension, I get an instant Session Expired message. Sync works without issues, it's just saving data that doesn't. I also use the Android app and it works fine both with sync and saving entries. Extension version: 1.54.0 Browser: Firefox 94.0.2 (64-bit) Tried in edge, also doesn't work. ### Deployment environment ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.23.0 * Web-vault version: v2.23.0c * Running within Docker: true (Base: Debian) * Environment settings overridden: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.35.4 * Clients used: Firefox Extensions 1.54.0 * Reverse proxy and version: Traefik 2.5.4 * Other relevant information: Raspberry PI 4 (Raspberry PI OS 64bit, Bullseye) ### Config (Generated via diagnostics page) <details><summary>Show Running Config</summary> **Environment settings which are overridden:** DOMAIN, USER_ATTACHMENT_LIMIT, ORG_ATTACHMENT_LIMIT, SIGNUPS_ALLOWED, ADMIN_TOKEN, SMTP_HOST, SMTP_SSL, SMTP_PORT, SMTP_FROM, SMTP_FROM_NAME, SMTP_PASSWORD ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": true, "_ip_header_enabled": true, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "authenticator_disable_time_drift": false, "data_folder": "data", "database_max_conns": 10, "database_url": "****/**.*******", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://*****.*****-******.***", "domain_origin": "*****://*****.*****-******.***", "domain_path": "", "domain_set": true, "duo_host": null, "duo_ikey": null, "duo_skey": null, "email_attempts_limit": 3, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 5 * * * *", "emergency_request_timeout_schedule": "0 5 * * * *", "enable_db_wal": true, "extended_logging": true, "helo_name": null, "hibp_api_key": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "Info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "org_attachment_limit": 5242880, "org_creation_users": "", "password_iterations": 100000, "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_explicit_tls": false, "smtp_from": "*****.**********@*****.***", "smtp_from_name": "Vaultwarden", "smtp_host": "****.*****.***", "smtp_password": "***", "smtp_port": 587, "smtp_ssl": true, "smtp_timeout": 15, "smtp_username": "*****.**********@*****.***", "templates_folder": "data/templates", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_syslog": false, "user_attachment_limit": 1048576, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "websocket_address": "0.0.0.0", "websocket_enabled": true, "websocket_port": 3012, "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Steps to reproduce <!-- Tell us how to reproduce this issue. What parameters did you set (differently from the defaults) and how did you start vaultwarden? --> - Login to extension - Press on '+' icon - Save any login information ### Expected behaviour Data saved successfully ### Actual behaviour Got Session Expired message and have to relogin to bitwarden. 2FA not asked again. ### Troubleshooting data **Log entries when pressing Save:** [request][INFO] POST /api/ciphers [auth][ERROR] Unauthorized Error: No access token provided [response][INFO] POST /api/ciphers (post_ciphers) => 401 Unauthorized **Docker compose:** ```yaml version: '3.4' networks: web: external: true services: vaultwarden: image: vaultwarden/server container_name: vaultwarden networks: - web environment: PUID: 1000 PGID: 1000 TZ: ${TIMEZONE:?err} WEBSOCKET_ENABLED: 'true' SIGNUPS_ALLOWED: 'false' ADMIN_TOKEN: '${BITWARDEN_ADMIN_TOKEN:?err}' DOMAIN: 'bitwarden.example.com' USER_ATTACHMENT_LIMIT: 1048576 ORG_ATTACHMENT_LIMIT: 5242880 SMTP_HOST: 'smtp.gmail.com' SMTP_FROM: 'redacted' SMTP_FROM_NAME: 'Vaultwarden' SMTP_PORT: '587' SMTP_SSL: 'true' SMTP_PASSWORD: '${VAULTWARDEN_SMTP_PASSWORD:?err}' volumes: - ${CONTAINERS_PATH:?err}/vaultwarden:/data labels: traefik.enable: 'true' traefik.http.routers.vault${TRAEFIK_PUBLIC_SERVICE_POSTFIX:?err}.entrypoints: '${TRAEFIK_HTTPS_ENTRYPOINT:?err}' traefik.http.routers.vault${TRAEFIK_PUBLIC_SERVICE_POSTFIX:?err}.rule: 'Host(`bitwarden.example.com`)' traefik.http.routers.vault${TRAEFIK_PUBLIC_SERVICE_POSTFIX:?err}.tls: 'true' restart: always ```

kerem closed this issue 2026-03-03 02:06:47 +03:00

kerem commented 2026-03-03 02:06:47 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (Dec 3, 2021):

Some extensions can block these kind of headers. Also, try to log out and back in to see if that helps.

Else try to disable some other extensions to see which interferes.

<!-- gh-comment-id:985915167 --> @BlackDex commented on GitHub (Dec 3, 2021): Some extensions can block these kind of headers. Also, try to log out and back in to see if that helps. Else try to disable some other extensions to see which interferes.

kerem commented 2026-03-03 02:06:48 +03:00

Author

Owner

Copy link

@aleksandarmomic commented on GitHub (Dec 4, 2021):

Indeed it was Adguard. Totally forgot about it. Thank you!

<!-- gh-comment-id:985982205 --> @aleksandarmomic commented on GitHub (Dec 4, 2021): Indeed it was Adguard. Totally forgot about it. Thank you!

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

revert-7033-patch-1

cached-config-operations

test_dylint

1.35.8

1.35.7

1.35.6

1.35.5

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#1163

No description provided.