[GH-ISSUE #5912] Firefox Login not possible when password is filled by bitwarden plugin #2284

New issue

Closed

opened 2026-03-03 02:16:54 +03:00 by kerem · 5 comments

kerem commented 2026-03-03 02:16:54 +03:00

Owner

Copy link

Originally created by @bokkabonga on GitHub (May 30, 2025).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/5912

Vaultwarden Support String

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.34.1-90f7e5ff
• Web-vault version: v2025.5.0
• OS/Arch: linux/x86_64
• Running within a container: true (Base: Debian)
• Database type: MySQL
• Database version: 10.4.34-MariaDB-1:10.4.34+maria~ubu2004
• Uses config.json: true
• Uses a reverse proxy: true
• IP Header check: true (X-Real-IP)
• Internet access: true
• Internet access via a proxy: false
• DNS Check: true
• Browser/Server Time Check: true
• Server/NTP Time Check: true
• Domain Configuration Check: true
• HTTPS Check: true
• Websocket Check: true
• HTTP Response Checks: false

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: DOMAIN, SENDS_ALLOWED, HIBP_API_KEY, USER_ATTACHMENT_LIMIT, ORG_ATTACHMENT_LIMIT, TRASH_AUTO_DELETE_DAYS, INCOMPLETE_2FA_TIME_LIMIT, SIGNUPS_ALLOWED, SIGNUPS_VERIFY, SIGNUPS_VERIFY_RESEND_TIME, SIGNUPS_VERIFY_RESEND_LIMIT, SIGNUPS_DOMAINS_WHITELIST, ORG_CREATION_USERS, INVITATIONS_ALLOWED, EMERGENCY_ACCESS_ALLOWED, PASSWORD_ITERATIONS, PASSWORD_HINTS_ALLOWED, SHOW_PASSWORD_HINT, ADMIN_TOKEN, INVITATION_ORG_NAME, DISABLE_2FA_REMEMBER, AUTHENTICATOR_DISABLE_TIME_DRIFT, LOG_TIMESTAMP_FORMAT, YUBICO_CLIENT_ID, YUBICO_SECRET_KEY, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, EMAIL_EXPIRATION_TIME, EMAIL_ATTEMPTS_LIMIT

Failed HTTP Checks:

API calls:
Header: 'x-xss-protection' does not contain '0'
2FA Connector calls:
Header: 'x-xss-protection' does not contain '0'

Config:

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "*****://***************************************************",
  "db_connection_retries": 10,
  "disable_2fa_remember": true,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://****************",
  "domain_origin": "*****://****************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": false,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": "***",
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Bitwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "/data/bitwarden.log",
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": 20480,
  "org_creation_users": "***",
  "org_events_enabled": true,
  "org_groups_enabled": true,
  "password_hints_allowed": false,
  "password_iterations": 600000,
  "push_enabled": true,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": false,
  "signups_domains_whitelist": "******,******************",
  "signups_verify": true,
  "signups_verify_resend_limit": 3,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "Login",
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "****************",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "***************",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": 60,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": 5121,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": "61202",
  "yubico_secret_key": "***",
  "yubico_server": null
}

Vaultwarden Build Version

1.34.1

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

apache

Host/Server Operating System

Linux

Operating System Version

Oracle 8.10

Clients

Web Vault

Client Version

Firefox 138.0.4

Steps To Reproduce

1. Go To Webvault
2. Enter Mail-Address
3. Have the Password filled by bitwarden browser extension
4. Try to Login

Expected Result

The Webvault asks for MFA.

Actual Result

Nothing happens. No error message shows or anything alike.

Logs

Screenshots or Videos

No response

Additional Context

When entering the password manually, the webvault works like expected.

Originally created by @bokkabonga on GitHub (May 30, 2025). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/5912 ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.34.1-90f7e5ff * Web-vault version: v2025.5.0 * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Database type: MySQL * Database version: 10.4.34-MariaDB-1:10.4.34+maria~ubu2004 * Uses config.json: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: false ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Environment settings which are overridden:** DOMAIN, SENDS_ALLOWED, HIBP_API_KEY, USER_ATTACHMENT_LIMIT, ORG_ATTACHMENT_LIMIT, TRASH_AUTO_DELETE_DAYS, INCOMPLETE_2FA_TIME_LIMIT, SIGNUPS_ALLOWED, SIGNUPS_VERIFY, SIGNUPS_VERIFY_RESEND_TIME, SIGNUPS_VERIFY_RESEND_LIMIT, SIGNUPS_DOMAINS_WHITELIST, ORG_CREATION_USERS, INVITATIONS_ALLOWED, EMERGENCY_ACCESS_ALLOWED, PASSWORD_ITERATIONS, PASSWORD_HINTS_ALLOWED, SHOW_PASSWORD_HINT, ADMIN_TOKEN, INVITATION_ORG_NAME, DISABLE_2FA_REMEMBER, AUTHENTICATOR_DISABLE_TIME_DRIFT, LOG_TIMESTAMP_FORMAT, YUBICO_CLIENT_ID, YUBICO_SECRET_KEY, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, EMAIL_EXPIRATION_TIME, EMAIL_ATTEMPTS_LIMIT **Failed HTTP Checks:** ```yaml API calls: Header: 'x-xss-protection' does not contain '0' 2FA Connector calls: Header: 'x-xss-protection' does not contain '0' ``` **Config:** ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "*****://***************************************************", "db_connection_retries": 10, "disable_2fa_remember": true, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://****************", "domain_origin": "*****://****************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": false, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": "***", "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Bitwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": "/data/bitwarden.log", "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": 20480, "org_creation_users": "***", "org_events_enabled": true, "org_groups_enabled": true, "password_hints_allowed": false, "password_iterations": 600000, "push_enabled": true, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "******,******************", "signups_verify": true, "signups_verify_resend_limit": 3, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": "Login", "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "****************", "smtp_from_name": "Vaultwarden", "smtp_host": "***************", "smtp_password": null, "smtp_port": 25, "smtp_security": "off", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": null, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": 60, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": 5121, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": "61202", "yubico_secret_key": "***", "yubico_server": null } ``` </details> ### Vaultwarden Build Version 1.34.1 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy apache ### Host/Server Operating System Linux ### Operating System Version Oracle 8.10 ### Clients Web Vault ### Client Version Firefox 138.0.4 ### Steps To Reproduce 1. Go To Webvault 2. Enter Mail-Address 3. Have the Password filled by bitwarden browser extension 4. Try to Login ### Expected Result The Webvault asks for MFA. ### Actual Result Nothing happens. No error message shows or anything alike. ### Logs ```text ``` ### Screenshots or Videos _No response_ ### Additional Context When entering the password manually, the webvault works like expected.

kerem 2026-03-03 02:16:54 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-03-03 02:16:55 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

I use that everytime when I'm developing. I have a password which I use for all my local development for all users to make my life easier. And I use this same way to fill the password.

I even used it yesterday, and it works just fine.

Maybe some other extension or security setting is preventing something?

<!-- gh-comment-id:2921460239 --> @BlackDex commented on GitHub (May 30, 2025): I use that everytime when I'm developing. I have a password which I use for all my local development for all users to make my life easier. And I use this same way to fill the password. I even used it yesterday, and it works just fine. Maybe some other extension or security setting is preventing something?

kerem commented 2026-03-03 02:16:55 +03:00

Author

Owner

Copy link

@bokkabonga commented on GitHub (May 30, 2025):

I use that everytime when I'm developing. I have a password which I use for all my local development for all users to make my life easier. And I use this same way to fill the password.

I even used it yesterday, and it works just fine.

Maybe some other extension or security setting is preventing something?

Good thought. The only other extension is ublock origin. Disabling it sadly didn´t change anything.
The same thing is happening in icognito mode.

<!-- gh-comment-id:2921467042 --> @bokkabonga commented on GitHub (May 30, 2025): > I use that everytime when I'm developing. I have a password which I use for all my local development for all users to make my life easier. And I use this same way to fill the password. > > I even used it yesterday, and it works just fine. > > Maybe some other extension or security setting is preventing something? Good thought. The only other extension is ublock origin. Disabling it sadly didn´t change anything. The same thing is happening in icognito mode.

kerem commented 2026-03-03 02:16:55 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

Do you see anything in the console of the Bitwarden extension?

1. Open the extension in a separate window by clicking on the Pop Out icon in the top left.
2. In the main browser URL Bar type about:debugging and press enter
3. On the left click on This Firefox
4. Scroll until you see the Bitwarden - Free Password Manager and click on inspect

And now try it again and check for console errors there.

<!-- gh-comment-id:2921538316 --> @BlackDex commented on GitHub (May 30, 2025): Do you see anything in the console of the Bitwarden extension? 1. Open the extension in a separate window by clicking on the Pop Out icon in the top left. 2. In the main browser URL Bar type about:debugging and press enter 3. On the left click on This Firefox 4. Scroll until you see the Bitwarden - Free Password Manager and click on inspect And now try it again and check for console errors there.

kerem commented 2026-03-03 02:16:55 +03:00

Author

Owner

Copy link

@bokkabonga commented on GitHub (May 30, 2025):

There is one error:

Uncaught (in promise) Error: Could not establish connection. Receiving end does not exist.
    aO index.ts:118

And two warning:

Source-Map-Fehler: Error: URL constructor:  is not a valid URL.
Stack in the worker:resolveSourceMapURL@resource://devtools/client/shared/source-map-loader/utils/fetchSourceMap.js:56:22
getOriginalURLs@resource://devtools/client/shared/source-map-loader/source-map.js:73:24
workerHandler/</<@resource://devtools/client/shared/worker-utils.js:115:52
workerHandler/<@resource://devtools/client/shared/worker-utils.js:113:13

Ressourcen-Adresse: wasm:moz-extension://211ba52b-ff03-48d7-80f2-75414094ad3e/background.js%20line%201%20%3E%20WebAssembly.Module
Source-Map-Adresse: null

downloadable font: Glyph bbox was incorrect (glyph ids 4 5 12 16 17 20 21 22 23 29 31 33 35 37 40 41 42 43 45 47 48 49 50 61 62 66 67 68 69 70 75 76 78 80 86 87 88 98 99 102 105 109 111 112 113 123 124 125 128 129 130 131 137 138 139 143 145 146 154 158 159 160 161 162 163 171 172 176 177 180 181 182 183 184 185 186 187 188 189 190 195) (font-family: "bwi-font" style:normal weight:400 stretch:100 src index:1) source: moz-extension://211ba52b-ff03-48d7-80f2-75414094ad3e/popup/fonts/bwi-font.ttf 

I think i found the reason however. The entry for my masterpassword had a different mail-address set as username then i actually used. Once i changed the username to the correct mail-address the autofill started working again.

<!-- gh-comment-id:2921598451 --> @bokkabonga commented on GitHub (May 30, 2025): There is one error: ``` Uncaught (in promise) Error: Could not establish connection. Receiving end does not exist. aO index.ts:118 ``` And two warning: ``` Source-Map-Fehler: Error: URL constructor: is not a valid URL. Stack in the worker:resolveSourceMapURL@resource://devtools/client/shared/source-map-loader/utils/fetchSourceMap.js:56:22 getOriginalURLs@resource://devtools/client/shared/source-map-loader/source-map.js:73:24 workerHandler/</<@resource://devtools/client/shared/worker-utils.js:115:52 workerHandler/<@resource://devtools/client/shared/worker-utils.js:113:13 Ressourcen-Adresse: wasm:moz-extension://211ba52b-ff03-48d7-80f2-75414094ad3e/background.js%20line%201%20%3E%20WebAssembly.Module Source-Map-Adresse: null downloadable font: Glyph bbox was incorrect (glyph ids 4 5 12 16 17 20 21 22 23 29 31 33 35 37 40 41 42 43 45 47 48 49 50 61 62 66 67 68 69 70 75 76 78 80 86 87 88 98 99 102 105 109 111 112 113 123 124 125 128 129 130 131 137 138 139 143 145 146 154 158 159 160 161 162 163 171 172 176 177 180 181 182 183 184 185 186 187 188 189 190 195) (font-family: "bwi-font" style:normal weight:400 stretch:100 src index:1) source: moz-extension://211ba52b-ff03-48d7-80f2-75414094ad3e/popup/fonts/bwi-font.ttf ``` I think i found the reason however. The entry for my masterpassword had a different mail-address set as username then i actually used. Once i changed the username to the correct mail-address the autofill started working again.

kerem commented 2026-03-03 02:16:56 +03:00

Author

Owner

Copy link

@BlackDex commented on GitHub (May 30, 2025):

If anything it looks like a client side issue and not something specifically a server side item.

<!-- gh-comment-id:2921902257 --> @BlackDex commented on GitHub (May 30, 2025): If anything it looks like a client side issue and not something specifically a server side item.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

revert-7033-patch-1

cached-config-operations

test_dylint

1.35.8

1.35.7

1.35.6

1.35.5

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#2284

No description provided.