[GH-ISSUE #5911] Broken Webauthn 2fa login on IOS devices with non-English language settings #2283

New issue

Closed

opened 2026-03-03 02:16:53 +03:00 by kerem · 8 comments

kerem commented 2026-03-03 02:16:53 +03:00

Owner

Copy link

Originally created by @mrhaoxx on GitHub (May 30, 2025).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/5911

Vaultwarden Support String

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.34.1
• Web-vault version: v2025.5.0
• OS/Arch: linux/aarch64
• Running within a container: true (Base: Debian)
• Database type: SQLite
• Database version: 3.49.1
• Uses config.json: true
• Uses a reverse proxy: true
• IP Header check: false (X-Forwarded-For)
• Internet access: false
• Internet access via a proxy: false
• DNS Check: true
• Browser/Server Time Check: true
• Server/NTP Time Check: n/a
• Domain Configuration Check: true
• HTTPS Check: true
• Websocket Check: true
• HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN

Config:

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://*********************",
  "domain_origin": "*****://*********************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 5,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "ssh-key-vault-item,ssh-agent",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": "***",
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "StarHome Bitwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 100000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "**********************",
  "smtp_from_name": "StarHome Bitwarden",
  "smtp_host": "*****************",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_security": "force_tls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "**********************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

v1.34.1

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

OpenNG

Host/Server Operating System

Linux

Operating System Version

No response

Clients

iOS

Client Version

No response

Steps To Reproduce

1. Enable the account with fido2 hardware key as 2fa
2. try to login in IOS app
3. redirect to example.com/webauthn-mobile-connector.html for auth
4. the page is broken

Expected Result

the page should be working to allow 2fa auth via hardware fido2 keys

Actual Result

not working

the page was broken

Logs

Screenshots or Videos

No response

Additional Context

No response

Originally created by @mrhaoxx on GitHub (May 30, 2025). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/5911 ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.34.1 * Web-vault version: v2025.5.0 * OS/Arch: linux/aarch64 * Running within a container: true (Base: Debian) * Database type: SQLite * Database version: 3.49.1 * Uses config.json: true * Uses a reverse proxy: true * IP Header check: false (X-Forwarded-For) * Internet access: false * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: n/a * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Environment settings which are overridden:** DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN **Config:** ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://*********************", "domain_origin": "*****://*********************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 5, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "ssh-key-vault-item,ssh-agent", "extended_logging": true, "helo_name": null, "hibp_api_key": "***", "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "StarHome Bitwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 100000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "**********************", "smtp_from_name": "StarHome Bitwarden", "smtp_host": "*****************", "smtp_password": "***", "smtp_port": 465, "smtp_security": "force_tls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "**********************", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version v1.34.1 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy OpenNG ### Host/Server Operating System Linux ### Operating System Version _No response_ ### Clients iOS ### Client Version _No response_ ### Steps To Reproduce 1. Enable the account with fido2 hardware key as 2fa 2. try to login in IOS app 3. redirect to example.com/webauthn-mobile-connector.html for auth 4. the page is broken ### Expected Result the page should be working to allow 2fa auth via hardware fido2 keys ### Actual Result not working  the page was broken ### Logs ```text ``` ### Screenshots or Videos _No response_ ### Additional Context _No response_

kerem 2026-03-03 02:16:53 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

A redirect to example is a bit strange. That sounds to me like you have your domain configured as example.com or it's changed somewhere by something.

<!-- gh-comment-id:2921211764 --> @BlackDex commented on GitHub (May 30, 2025): A redirect to example is a bit strange. That sounds to me like you have your domain configured as `example.com` or it's changed somewhere by something.

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@mrhaoxx commented on GitHub (May 30, 2025):

the issue is that the page /webauthn-mobile-connector.html is broken, not the domain

I just modified the url to hide my real domain :)

<!-- gh-comment-id:2921215028 --> @mrhaoxx commented on GitHub (May 30, 2025): the issue is that the page `/webauthn-mobile-connector.html` is broken, not the domain I just modified the url to hide my real domain :)

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

Any logs on the Vaultwarden server side?

<!-- gh-comment-id:2921222081 --> @BlackDex commented on GitHub (May 30, 2025): Any logs on the Vaultwarden server side?

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@mrhaoxx commented on GitHub (May 30, 2025):

no it seems that this is now working as a "static" page with no interaction with the server side

i can see a js error in the console

<!-- gh-comment-id:2921226019 --> @mrhaoxx commented on GitHub (May 30, 2025): no it seems that this is now working as a "static" page with no interaction with the server side  i can see a js error in the console

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

I just tried it on my Android phone and it seems to work there.
Also, you show a browser developer tools box.

I need a bit more details on what you mean with ios devices than.
What kind of device, are you using an updated version of the client.

<!-- gh-comment-id:2921248984 --> @BlackDex commented on GitHub (May 30, 2025): I just tried it on my Android phone and it seems to work there. Also, you show a browser developer tools box. I need a bit more details on what you mean with ios devices than. What kind of device, are you using an updated version of the client.

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@mrhaoxx commented on GitHub (May 30, 2025):

Strangely, it's now working normally on my device, though i don't know what happened.

Thanks very much for you patience !!

<!-- gh-comment-id:2921265320 --> @mrhaoxx commented on GitHub (May 30, 2025): Strangely, it's now working normally on my device, though i don't know what happened. Thanks very much for you patience !!

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@mrhaoxx commented on GitHub (May 30, 2025):

Oh, I found it.
It works normally with the app language set to English but failed when lang is set to Chinese

<!-- gh-comment-id:2921271552 --> @mrhaoxx commented on GitHub (May 30, 2025): Oh, I found it. It works normally with the app language set to English but failed when lang is set to Chinese

kerem commented 2026-03-03 02:16:54 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

I'm afraid that isn't something we can fix then.
I know there are or where several issues with some Asian languages for some reason with several Bitwarden clients.

But that isn't something we can fix as this project doesn't maintain the clients.

<!-- gh-comment-id:2921280122 --> @BlackDex commented on GitHub (May 30, 2025): I'm afraid that isn't something we can fix then. I know there are or where several issues with some Asian languages for some reason with several Bitwarden clients. But that isn't something we can fix as this project doesn't maintain the clients.

kerem referenced this issue 2026-03-03 09:25:45 +03:00

[PR #2292] [MERGED] Update async to prepare for main merge + several updates #3077

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

revert-7033-patch-1

cached-config-operations

test_dylint

1.35.8

1.35.7

1.35.6

1.35.5

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#2283

No description provided.