Passkeys popup isn't triggered on localhost

thomiceli commented 2 weeks ago

Steps To Reproduce

Start a webapp implementing Webauthn on localhost.
Trigger a challenge from the server which will tell Bitwarden we need to use a passkey.

Expected Result

The Bitwarden popup to choose/create a passkey should be triggered (1)

Actual Result

Everything works with a domain name, even with a fake one using /etc/hosts in local. When using localhost, Bitwarden ignores it and we are forced to use the native FIDO2 implementation from the browser. (2, 3)

Screenshots or Videos

(1) The pop up is triggered, but not when using localhost domain

(2) In Firefox

(3) In Chromium

Additional Context

No response

Operating System

Linux

Operating System Version

6.10.11-2-MANJARO

Web Browser

Chrome, Firefox

Browser Version

Chromium 129.0.6668.89 Arch Linux; Mozilla Firefox 131.0

Build Version

2024.10.0 (Chromium) ; 2024.9.1 (Firefox)

Issue Tracking Info

[X] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

thomiceli commented 2 weeks ago

Okay, after some debugging inside the extension storage, it seems that my localhost was actually in the excluded domains. Pretty weird behavior since i never specified this domain to be excluded but whatever i guess

thomiceli commented 2 weeks ago

localhost is again added randomly (I guess) in the excluded hosts. Definitely strange behavior, or maybe I'm missing something

bitwarden / clients