starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-04-26 01:35:54 +03:00
Code Issues 39 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #1399] users.equivalent_domains field is cleartext in the database #939

New issue
Closed
opened 2026-03-03 02:04:50 +03:00 by kerem · 3 comments
kerem commented 2026-03-03 02:04:50 +03:00
Owner
Copy link

Originally created by @jtackaberry on GitHub (Feb 17, 2021).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1399

Subject of the issue

users.equivalent_domains is cleartext in the database which could leak information about sites users visit (under the assumption that users will enter domains here that they visit).

Your environment

  • Bitwarden_rs version: 1.19.0
  • Install method: Docker image
  • Clients used: N/A
  • Reverse proxy and version: N/A
  • Version of mysql/postgresql: N/A (sqlite backend)

Expected behaviour

The field should be encrypted and opaque to the admin, or if this data is required to be cleartext for some backend functionality to work, that should be documented somewhere, and ideally there should be a big warning box on the front end where this is configured saying this information shouldn't be considered private.

(Though as the web client isn't your code I'm not sure if this is feasible, but it's certainly preferable of possible.)

Actual behaviour

The field is stored in plaintext and users would incorrectly assume, given the rest of Bitwarden's security posture, that anything they enter there would be encrypted on the backend.

Originally created by @jtackaberry on GitHub (Feb 17, 2021). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1399 ### Subject of the issue `users.equivalent_domains` is cleartext in the database which could leak information about sites users visit (under the assumption that users will enter domains here that they visit). ### Your environment * Bitwarden_rs version: 1.19.0 * Install method: Docker image * Clients used: N/A * Reverse proxy and version: N/A * Version of mysql/postgresql: N/A (sqlite backend) ### Expected behaviour The field should be encrypted and opaque to the admin, or if this data is required to be cleartext for some backend functionality to work, that should be documented somewhere, and ideally there should be a big warning box on the front end where this is configured saying this information shouldn't be considered private. (Though as the web client isn't your code I'm not sure if this is feasible, but it's certainly preferable of possible.) ### Actual behaviour The field is stored in plaintext and users would incorrectly assume, given the rest of Bitwarden's security posture, that anything they enter there would be encrypted on the backend.
kerem closed this issue 2026-03-03 02:04:50 +03:00
kerem commented 2026-03-03 02:04:51 +03:00
Author
Owner
Copy link

@BlackDex commented on GitHub (Feb 17, 2021):

I don't know if that would help that much. If a user has favicon enabled this exposes that same information.

If you want to avoid this, then you are probably better off by just adding those domains to the specific ciphers as an add URL.

Also, this is something upstream doesn't encrypt either, else they would have encrypted it before sending it to the backend server.

<!-- gh-comment-id:780837518 --> @BlackDex commented on GitHub (Feb 17, 2021): I don't know if that would help that much. If a user has favicon enabled this exposes that same information. If you want to avoid this, then you are probably better off by just adding those domains to the specific ciphers as an add URL. Also, this is something upstream doesn't encrypt either, else they would have encrypted it before sending it to the backend server.
kerem commented 2026-03-03 02:04:51 +03:00
Author
Owner
Copy link

@jtackaberry commented on GitHub (Feb 17, 2021):

@BlackDex yeah, I assumed upstream wouldn't have encrypted this either as obviously the protocol itself has this information passed in the clear.

One of the big differences between this and the favicons feature is that the latter is documented that it has privacy implications, and takes you to a page explaining what they are.

Again I know the frontend is entirely different, but in case you have some latitude as to what's displayed, or at the very least documenting it somewhere -- or perhaps this very issue will serve as that documentation (because I searched before I opened it :)).

<!-- gh-comment-id:780841065 --> @jtackaberry commented on GitHub (Feb 17, 2021): @BlackDex yeah, I assumed upstream wouldn't have encrypted this either as obviously the protocol itself has this information passed in the clear. One of the big differences between this and the favicons feature is that the latter is documented that it has privacy implications, and takes you to a page explaining what they are. Again I know the frontend is entirely different, but in case you have some latitude as to what's displayed, or at the very least documenting it somewhere -- or perhaps this very issue will serve as that documentation (because I searched before I opened it :)).
kerem commented 2026-03-03 02:04:51 +03:00
Author
Owner
Copy link

@jjlin commented on GitHub (Feb 17, 2021):

It would be better to request this at https://community.bitwarden.com/c/feature-requests/5 so any changes benefit all Bitwarden users.

<!-- gh-comment-id:780842195 --> @jjlin commented on GitHub (Feb 17, 2021): It would be better to request this at https://community.bitwarden.com/c/feature-requests/5 so any changes benefit all Bitwarden users.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
revert-7033-patch-1
cached-config-operations
test_dylint
1.35.8
1.35.7
1.35.6
1.35.5
1.35.4
1.35.3
1.35.2
1.35.1
1.35.0
1.34.3
1.34.2
1.34.1
1.34.0
1.33.2
1.33.1
1.33.0
1.32.7
1.32.6
1.32.5
1.32.4
1.32.3
1.32.2
1.32.1
1.32.0
1.31.0
1.30.5
1.30.4
1.30.3
1.30.2
1.30.1
1.30.0
1.29.2
1.29.1
1.29.0
1.28.1
1.28.0
1.27.0
1.26.0
1.25.2
1.25.1
1.25.0
1.24.0
1.23.1
1.23.0
1.22.2
1.22.1
1.22.0
1.21.0
1.20.0
1.19.0
1.18.0
1.17.0
1.16.3
1.16.2
1.16.1
1.16.0
1.15.1
1.15.0
1.14.2
1.14.1
1.14
1.13.1
1.13.0
1.12.0
1.11.0
1.10.0
1.9.1
1.9.0
1.8.0
1.7.0
1.6.1
1.6.0
1.5.0
1.4.0
1.3.0
1.2.0
1.1.0
1.0.0
0.13.0
0.12.0
0.11.0
0.10.0
0.9.0
Labels
Clear labels   
SSO

   
Third party

   
better for forum

   
bug

   
bug

   
documentation

   
duplicate

   
enhancement

   
future Vault

   
future Vault

   
future Vault

   
good first issue

   
help wanted

   
low priority

   
notes

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
troubleshooting

   
wontfix
No labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
question
troubleshooting
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/vaultwarden#939
No description provided.