Can't login with Safari plugin Access-Control-Allow-Origin

thewinger · March 10, 2021, 6:57am

I did the Safari Web Inspector and this is what it shows when I try to log in.

This is my docker-compose code for Bitwarden:

# Bitwarden - Password Manager
bitwarden:
  image: bitwardenrs/server:latest
  container_name: bitwarden
  restart: unless-stopped
  networks:
    - t2_proxy
    - bw-net
  volumes:
    - $DOCKERDIR/bitwarden:/data
    - /var/log/docker:/var/log/docker
    - /etc/timezone:/etc/timezone:ro
    - /etc/localtime:/etc/localtime:ro
  environment:
    - SIGNUPS_ALLOWED=false
    - WEBSOCKET_ENABLED=true
    - DOMAIN=https://bitwarden.$DOMAINNAME
    - LOG_FILE=/data/bitwarden.log
    - LOG_LEVEL=info
  labels:
    - "traefik.enable=true"
    ## HTTP Routers
    - "traefik.http.routers.bitwarden-rtr.entrypoints=https"
    - "traefik.http.routers.bitwarden-rtr.rule=Host(`bitwarden.$DOMAINNAME`)"
    - "traefik.http.routers.bitwarden-rtr.priority=10"
    ## Middlewares
    - "traefik.http.routers.bitwarden-rtr.middlewares=middlewares-secure-headers@file"
    ## HTTP Services
    - "traefik.http.routers.bitwarden-rtr.service=bitwarden-svc"
    - "traefik.http.services.bitwarden-svc.loadbalancer.server.port=80"
    ## Bitwarden Websocket
    - "traefik.http.routers.bitwardenHub-rtr.entrypoints=https"
    - "traefik.http.routers.bitwardenHub-rtr.rule=Host(`bitwarden.$DOMAINNAME`) && Path(`/notifications/hub`)"
    - "traefik.http.routers.bitwardenHub-rtr.priority=20"
    - "traefik.http.routers.bitwardenHub-rtr.service=bitwardenHub-svc"
    - "traefik.http.services.bitwardenHub-svc.loadbalancer.server.port=3012"

And this is the middleware from Traefik v2

[http.middlewares.middlewares-secure-headers]
  [http.middlewares.middlewares-secure-headers.headers]
    accessControlAllowMethods= ["GET", "OPTIONS", "PUT"]
    accessControlMaxAge = 100
    hostsProxyHeaders = ["X-Forwarded-Host"]
    sslRedirect = true
    stsSeconds = 63072000
    stsIncludeSubdomains = true
    stsPreload = true
    forceSTSHeader = true
    #   frameDeny = true #overwritten by customFrameOptionsValue
    customFrameOptionsValue = "allow-from https:example.com" #CSP takes care of this but may be needed for organizr.
    contentTypeNosniff = true
    browserXssFilter = true
    #    sslForceHost = true # add sslHost to all of the services
    #   sslHost = "example.com"
    referrerPolicy = "same-origin"
    #   Setting contentSecurityPolicy is more secure but it can break things. Proper auth will reduce the risk.
    #   the below line also breaks some apps due to 'none' - sonarr, radarr, etc.
    #   contentSecurityPolicy = "frame-ancestors '*.example.com:*';object-src 'none';script-src 'none';"
    featurePolicy = "camera 'none'; geolocation 'none'; microphone 'none'; payment 'none'; usb 'none';"
    [http.middlewares.middlewares-secure-headers.headers.customResponseHeaders]
      X-Robots-Tag = "none,noarchive,nosnippet,notranslate,noimageindex,"
      server = ""

Topic		Replies	Views
iOS Apps keeps crashing Help	6	665	January 21, 2021
[FIXED] Safari plugin calling /api/accounts/verify-password Help	6	474	September 26, 2020
[SOLVED]New Chrome extension doesn't work with my own hosting bitwarden Help	3	1362	February 4, 2023
Cant login to Mac Safari,Chrome,iOS Bitwarden clients Help	2	543	March 31, 2023
Cannot login using the web extension on Brave Help	6	1006	September 10, 2022

Can't login with Safari plugin Access-Control-Allow-Origin

Related Topics