keepassxc-browser
keepassxc-browser copied to clipboard
keepassxreboot
Cannot save new credentials using browser
When I login to a new site where I have not added my credentials, the credentials are not saved to keepassxc.
Expected Behavior
When a new credentials is entered, upon successful login, the credentials should be saved in the keepassxc.
Current Behavior
The credentials are not getting saved.
Possible Solution
Steps to Reproduce (for bugs)
- Open site.
- Login by providing credentials.
- Check if credentials have been saved. The credentials are not saved.
Debug info
KeePassXC-Browser Version: 1.7.12 KeePassXC Version: 2.7.1 Operating system: Linux Browser: Firefox
Logs that I could find:- In the about:debugging page, I see this when I try to login with new credentials
Cannot send activated_tab message: Error: Could not establish connection. Receiving end does not exist.
switchTab moz-extension://ea998e4f-fd04-44a0-a38f-87a57c7ddf5b/background/page.js:208
It is able to detect the keepassxc running locally, as it is able to retrieve credentials. The issue is when it tries to save it, it fails.
A banner should appear that allows you to save the credentials. It doesn't happen automatically. Is the banner shown? What is the site?
The banner appears.
The moment I click the "New" button, a red x appears on the extention's icon. Click on the icon, Reload, go back to the banner. Repeat the same process with the same result.
Please check the errors on the Web Developer console on the web page when that happens.
JSON.parse: unterminated string at line 1 column 1027 of the JSON data subprocess_common.jsm:495
readJSON resource://gre/modules/subprocess/subprocess_common.jsm:495
stderr output from native app org.keepassxc.keepassxc_browser: thread '<unnamed>' panicked at 'called `Result::unwrap()` on an `Err` value: Error { kind: UnexpectedEof, message: "failed to fill whole buffer" }', src/main.rs:25:33
stderr output from native app org.keepassxc.keepassxc_browser: note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
JSON.parse: unterminated string at line 1 column 1027 of the JSON data subprocess_common.jsm:495
readJSON resource://gre/modules/subprocess/subprocess_common.jsm:495
Well that seems strange. The error is coming from Native Messaging itself. Are you using the normal KeePassXC's keepassxc-proxy? Does it help if you make a new temporary profile for Firefox and test the extension again?
I'm using Flatpak LibreWolf with https://github.com/varjolintu/keepassxc-proxy-rust. KeepassXC is installed natively so I used the first part of the workaround described here: https://unix.stackexchange.com/questions/584521/how-to-setup-firefox-and-keepassxc-in-a-flatpak-and-get-the-keepassxc-browser-ad.
@rubaboo When have you compiled the proxy? I was wondering if the bug is fixed with https://github.com/varjolintu/keepassxc-proxy-rust/pull/9 or is caused by it. Depending on are you using a version before or after. Just wondering if write_all() has something to do about this.
Btw, great post and explanation!
May 24. Should I recompile from latest?
Yes. Try if the bug happens anymore.
Hi, this is my last report, I am switching to a "natively" installed Librewolf, everything just works there. In the flatpak Librewolf, on the other hand, things somehow completely broke down, and nothing is working even after I recompiled the proxy from the previous (as of May 24) source code. I did not backup the binary before compiling the latest source code, so I'm not able, strictly speaking, to return to the previous state. Even if I could, I would not want to anymore. Even the part that was working (filling in username/password) was flaky. I kept having to reload, reconnect, restart the browser, lock/unlock the vault - just to get it to recognize and fill the fields. I started to think KeepasXC was completely unusable. As a last resort, I tried the "native" Librewolf with the "native" proxy (/usr/bin/keepassxc-proxy), and for the first time seeing the thing work reliably.
I probably should not have hijacked this thread to begin with, since my setup was not "vanilla". The issues I experienced are somewhere between keepassxc-proxy-rust and the current state of flatpak-desktop integration in general, and are beyond my ability to even describe/report/help troubleshoot properly.
Anyhow, back to the final report. With flatpak LW, I am getting the below message in the browser console. Not trying to save new credentials, just loading the github login page causes this message and a red cross on the extension's button. So, I am not able to use the extention to even login using existing credentials. Sorry for being repetitive, I just want to be clear: I am getting the same failure consistently, regardless of whether I compile the proxy from https://github.com/varjolintu/keepassxc-proxy-rust/commit/bd10966096fbe1dddba7a37151565f291f386e24 or from https://github.com/varjolintu/keepassxc-proxy-rust/commit/338735e6f4ab95f4b53734b05fe64c70694ea219m , although before (at the time of my first reply in this thread) I was able to login, and only had a problem saving new credentials.
JSON.parse: unterminated string at line 1 column 1027 of the JSON data [subprocess_common.jsm:495](resource://gre/modules/subprocess/subprocess_common.jsm)
readJSON resource://gre/modules/subprocess/subprocess_common.jsm:495
stderr output from native app org.keepassxc.keepassxc_browser: thread '<unnamed>' panicked at 'called `Result::unwrap()` on an `Err` value: Error { kind: UnexpectedEof, message: "failed to fill whole buffer" }', src/main.rs:25:33
stderr output from native app org.keepassxc.keepassxc_browser: note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
JSON.parse: unterminated string at line 1 column 1027 of the JSON data [subprocess_common.jsm:495](resource://gre/modules/subprocess/subprocess_common.jsm)
readJSON resource://gre/modules/subprocess/subprocess_common.jsm:495
Thank you.
You should report rust proxy issues over on that repository. It is neither the official proxy nor is it recommended for use.
There is a WIP pull request that will add support for interacting with native messaging hosts across sandboxed app (snap and flatpak) boundaries, flatpak/xdg-desktop-portal#705
Until it's ready and supported in browsers, I came up with this workaround for connecting flatpaked Firefox with flatpaked KeePassXC (should be applicable to Chromium-based, too):
- Granted the browser access to KeePassXC flatpak app and KDE runtime installations, and to the KeePassXC proxy socket:
flatpak override --user \ --filesystem={/var/lib,xdg-data}/flatpak/{app/org.keepassxc.KeePassXC,runtime/org.kde.Platform}:ro \ --filesystem=xdg-run/app/org.keepassxc.KeePassXC:create \ org.mozilla.firefox - Created a wrapper script that will launch the official
keepassxc-proxyfrom KeePassXC flatpak, at a path accessible by the Firefox flatpak, e.g.
This script requires Flatpak 1.12 or newer.~/.var/app/org.mozilla.firefox/data/bin/keepassxc-proxy-wrapper.sh
Fun fact: this script makes use of the mechanism initially implemented for Steam flatpak to allow it launching Proton containers; now it allows Firefox flatpak to launch KeePassXC container.#!/bin/bash APP_REF="org.keepassxc.KeePassXC/x86_64/stable" for inst in "$HOME/.local/share/flatpak" "/var/lib/flatpak"; do if [ -d "$inst/app/$APP_REF" ]; then FLATPAK_INST="$inst" break fi done [ -z "$FLATPAK_INST" ] && exit 1 APP_PATH="$FLATPAK_INST/app/$APP_REF/active" RUNTIME_REF=$(awk -F'=' '$1=="runtime" { print $2 }' < "$APP_PATH/metadata") RUNTIME_PATH="$FLATPAK_INST/runtime/$RUNTIME_REF/active" exec flatpak-spawn \ --env=LD_LIBRARY_PATH=/app/lib \ --app-path="$APP_PATH/files" \ --usr-path="$RUNTIME_PATH/files" \ -- keepassxc-proxy "$@" - Put the native messaging host json manifest to a the path where flatpaked Firefox will look for it, e.g.
and edited its contents to launch the previously created wrapper, e.g.~/.var/app/org.mozilla.firefox/.mozilla/native-messaging-hosts/org.keepassxc.keepassxc_browser.json{ "allowed_extensions": [ "[email protected]" ], "description": "KeePassXC integration with native messaging support", "name": "org.keepassxc.keepassxc_browser", "path": "/home/username/.var/app/org.mozilla.firefox/data/bin/keepassxc-proxy-wrapper.sh", "type": "stdio" }
@rugk may be interested in updating their guide to use the official keepassxc-proxy instead of the keepassxc-proxy-rust that appears to work unstable.
@gasinvein Thank You so much man. I followed your guide to do same with Brave Flatpak. And it works flawlessly. And it's better than previous script.
- permission for brave
flatpak override --user --filesystem={/var/lib,xdg-data}/flatpak/{app/org.keepassxc.KeePassXC,runtime/org.kde.Platform}:ro --filesystem=xdg-run/app/org.keepassxc.KeePassXC:create com.brave.Browser
- put
keepassxc-proxy-wrapper.shto~/.var/app/com.brave.Browser/config/BraveSoftware/Brave-Browser/keepassxc-proxy-wrapper.sh. make surekeepassxc-proxy-wrapper.shis executable. - copy Native messaging host from
~/.config/BraveSoftware/Brave-Browser/NativeMessagingHosts/to~/.var/app/com.brave.Browser/config/BraveSoftware/Brave-Browser/NativeMessagingHosts/ - and edited the line
{
"allowed_origins": [
"chrome-extension://pdffhmdngciaglkoonimfcmckehcpafo/",
"chrome-extension://oboonakemofpalcgghocfoadofidjkkk/"
],
"description": "KeePassXC integration with native messaging support",
"name": "org.keepassxc.keepassxc_browser",
"path": "/home/username/.var/app/com.brave.Browser/config/BraveSoftware/Brave-Browser/keepassxc-proxy-wrapper.sh",
"type": "stdio"
}
For those who are using Debian, the current version of Flatpak is 1.10, which wont work, so you will need to install a newer version through bullseye-backports.
Thanks, @gasinvein, for the solution!
The script didn't work on my system, I think it's because I installed KeePassXC only for the user, the runtime is only available system-wide though.
Here's a version of the script that also works in that case:
#!/bin/bash
# KeePassXC install dir
APP_REF="org.keepassxc.KeePassXC/x86_64/stable"
for inst in "$HOME/.local/share/flatpak" "/var/lib/flatpak"; do
if [ -d "$inst/app/$APP_REF" ]; then
FLATPAK_INST="$inst"
break
fi
done
[ -z "$FLATPAK_INST" ] && exit 1
APP_PATH="$FLATPAK_INST/app/$APP_REF/active"
# runtime install dir
RUNTIME_REF=$(awk -F'=' '$1=="runtime" { print $2 }' < "$APP_PATH/metadata")
for inst in "$HOME/.local/share/flatpak" "/var/lib/flatpak"; do
if [ -d "$inst/runtime/$RUNTIME_REF" ]; then
FLATPAK_INST="$inst"
break
fi
done
[ -z "$FLATPAK_INST" ] && exit 1
RUNTIME_PATH="$FLATPAK_INST/runtime/$RUNTIME_REF/active"
exec flatpak-spawn \
--env=LD_LIBRARY_PATH=/app/lib \
--app-path="$APP_PATH/files" \
--usr-path="$RUNTIME_PATH/files" \
-- keepassxc-proxy "$@"
Anyone able to get the above approach to work? The latest uses org.fedoraproject.KDE5Platform and not org.kde.Platform. Adding that override to firefox and exectuting the above keepassxc-proxy-wrapper.sh leads to an error...."error while loading shared libraries: libbotan-2.so.19: cannot open shared object file: No such file or directory"
Can someone please point me to the current working method for flatpak xc/firefox. A google search leads to a wild goose chase with a hundred approaches and none of them work. Copy/pasting is hard work. ;)
@revelation1 Stumbled upon as well. Adjusting the following env var should fix it
--env=LD_LIBRARY_PATH="/app/lib:/var/lib/flatpak/app/org.keepassxc.KeePassXC/x86_64/stable/active/"
I was referring to comment-1153736766
I wasn't paying attention and wanted to use it with native keepassxc and flatpak Firefox. Thank you for pointing this out to me.
I can confirm this workaround works with both keepassxc and Firefox installed as flatpak (Manjaro Plasma 5).
