Closed mckraemer closed 1 week ago
Not all icons can be downloaded. Some sites have protections which can't be bypassed or fooled.
I quickly tested it but Zalando works for me, as does via Bitwarden. The other one doesn't, but that is also the case for Bitwarden. That might indicate some site protections to be in place.
Can you enable debug logging LOG_LEVEL=debug
and try to download that icon by going to https://your.domain.tld/icons/deutsche-glasfaser.de/icon.png
and check the logs?
You might need to remove the .miss
file from the icons folder first, else it will not attempt to try and download again.
Just to add the log to zalando:
[2024-06-12 11:32:37.302][h2::codec::framed_read][DEBUG] received frame=Headers { stream_id: StreamId(3), flags: (0x5: END_HEADERS | END_STREAM) } [2024-06-12 11:32:37.302][reqwest::async_impl::client][DEBUG] redirecting 'https://zalando.de/' to 'https://www.zalando.de/' [2024-06-12 11:32:37.302][h2::codec::framed_write][DEBUG] send frame=Headers { stream_id: StreamId(3), flags: (0x5: END_HEADERS | END_STREAM) } [2024-06-12 11:32:37.378][h2::codec::framed_read][DEBUG] received frame=Headers { stream_id: StreamId(3), flags: (0x4: END_HEADERS) } [2024-06-12 11:32:37.379][vaultwarden::api::icons][DEBUG] [get_icon_url]: Trying with www. prefix 'www.zalando.de' [2024-06-12 11:32:37.379][h2::codec::framed_write][DEBUG] send frame=Reset { stream_id: StreamId(3), error_code: CANCEL } [2024-06-12 11:32:37.381][h2::codec::framed_read][DEBUG] received frame=Data { stream_id: StreamId(3) } [2024-06-12 11:32:37.382][h2::codec::framed_read][DEBUG] received frame=Data { stream_id: StreamId(3) } [2024-06-12 11:32:37.385][h2::codec::framed_read][DEBUG] received frame=Data { stream_id: StreamId(3), flags: (0x1: END_STREAM) } [2024-06-12 11:32:37.389][h2::codec::framed_write][DEBUG] send frame=Headers { stream_id: StreamId(5), flags: (0x5: END_HEADERS | END_STREAM) } [2024-06-12 11:32:37.506][h2::codec::framed_read][DEBUG] received frame=Headers { stream_id: StreamId(5), flags: (0x4: END_HEADERS) } [2024-06-12 11:32:37.507][reqwest::connect][DEBUG] starting new connection: http://www.zalando.de/ [2024-06-12 11:32:37.507][h2::codec::framed_write][DEBUG] send frame=Reset { stream_id: StreamId(5), error_code: CANCEL } [2024-06-12 11:32:37.508][h2::codec::framed_read][DEBUG] received frame=Data { stream_id: StreamId(5) } [2024-06-12 11:32:37.510][h2::codec::framed_read][DEBUG] received frame=Data { stream_id: StreamId(5) } [2024-06-12 11:32:37.510][h2::codec::framed_read][DEBUG] received frame=Data { stream_id: StreamId(5), flags: (0x1: END_STREAM) } [2024-06-12 11:32:37.552][h2::codec::framed_write][DEBUG] send frame=Headers { stream_id: StreamId(5), flags: (0x5: END_HEADERS | END_STREAM) } [2024-06-12 11:32:37.565][h2::codec::framed_read][DEBUG] received frame=Headers { stream_id: StreamId(5), flags: (0x5: END_HEADERS | END_STREAM) } [2024-06-12 11:32:37.565][reqwest::async_impl::client][DEBUG] redirecting 'https://zalando.de/favicon.ico' to 'https://www.zalando.de/favicon.ico' [2024-06-12 11:32:37.565][h2::codec::framed_write][DEBUG] send frame=Headers { stream_id: StreamId(7), flags: (0x5: END_HEADERS | END_STREAM) } [2024-06-12 11:32:37.618][h2::codec::framed_read][DEBUG] received frame=Headers { stream_id: StreamId(7), flags: (0x4: END_HEADERS) } [2024-06-12 11:32:37.618][vaultwarden::api::icons][DEBUG] Req. [CAUSE] reqwest::Error { kind: Status( 403, ), url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some( Domain( "www.zalando.de", ), ), port: None, path: "/favicon.ico", query: None, fragment: None, }, }
Referring to your pasted url. I need to edit the url right?
I attached your required log to https://your.domain.tld/icons/deutsche-glasfaser.de/icon.png
.
log-icon.txt
That domain only has an SVG
icon, which we do not support. The main reason for that is that Vaultwarden does not convert the image types they are originally are provided by the sites them self. Since SVG's could contain scripts, HTML or any other item we deem this extension to be unsafe and do not download these. As that is the only supported icon they have, and do not provide any other valid fallback like /favicon.ico
or /apple-touch-icon.png
. So for that domain we are not able to provide any other way to let you see those icons using the built-in favicon provider.
You might want to try a different favicon provider, and i quickly checked, but it looks like only Google seems to serve an icon for this.
So, to get this working you want to change/update the following setting: https://github.com/dani-garcia/vaultwarden/blob/8f05a90b96adfe06722d01510923759fe61a8bd6/.env.template#L290-L301
And set it to ICON_SERVICE=google
Or, i quickly also checked via an other service faviconkit.com you can set it to:
ICON_SERVICE="https://api.faviconkit.com/{}/32"
I hope this will help you.
Deployment environment
Your environment (Generated via diagnostics page)
Config (Generated via diagnostics page)
Show Running Config
**Environment settings which are overridden:** ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_smtp_img_src": "cid:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://************", "domain_origin": "*****://************", "domain_path": "", "domain_set": true, "duo_host": null, "duo_ikey": null, "duo_skey": null, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 8, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "fido2-vault-credentials", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Forwarded-For", "job_poll_interval_ms": 30000, "log_file": "/data/vaultwarden.log", "log_level": "warn", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 400000, "push_enabled": true, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": true, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "********************", "smtp_from_name": "Bitwarden", "smtp_host": "**************", "smtp_password": "***", "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "********************", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "websocket_address": "0.0.0.0", "websocket_enabled": false, "websocket_port": 3012, "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ```Install method: Docker image
Other relevant details:
Steps to reproduce
I added two websited to my vault which don´t receive icons, it fails to find them. https://deutsche-glasfaser.de/ https://zalando.de
Expected behaviour
Icons should be downloaded and shown.