search

bitwarden / clients

Bitwarden client apps (web, browser extension, desktop, and cli).
https://bitwarden.com
Other
8.97k stars 1.18k forks source link

"Excluded Domains" instructions are obsolete #6854

Open bwbug opened 10 months ago

bwbug commented 10 months ago

Steps To Reproduce

  1. Open browser extension.
  2. Go to Settings > Excluded domains.
  3. Read the information at the bottom of the Excluded Domains page.

Expected Result

One would expect to see information pertaining to the new function of the Excluded Domains list (inhibition of FIDO2 page-script injection for any FQDN that is included in the Excluded Domains list), which was introduced in version 2023.10.2.

Actual Result

The only information shown on the Excluded Domains page in the browser extension settings is the following:

image

This is confusing for two reasons:

Screenshots or Videos

No response

Additional Context

The functionality of the Excluded Domains list was significantly modified in PRs #6790 and #6801 (released in version 2023.10.2). The information provided to the user should reflect this major change.

Operating System

Windows

Operating System Version

No response

Web Browser

Chrome

Browser Version

No response

Build Version

2023.10.2

Issue Tracking Info

sammbw commented 9 months ago

Hi there,

Thank you for raising this, it has been escalated for further investigation. If you have more information that can help us, please add it below.

Thanks!

bwbug commented 9 months ago

I would suggest the following wording:

For a fully qualified domain name on this exclusion list, Bitwarden will not check if a passkey exists for the domain, and it will not ask to save login details. You must refresh the web page for changes to take effect.