Login items with local TLD matched according to "Base domain" rule contrary to the information in the docs?

piotr_dobrogost · March 12, 2024, 10:18am

My setup
Default URI match detection set to Base domain.
Login item with urls http://localhost, http://domainX.company.local, http://domainY.company.local, all set to Default match detection.

Being on page with url http://logstash.test.company.local/(…) Bitwarden shows above login item as matching.

Question
Isn’t this contrary to the the following note (emphasis mine):

Note
Login items intended to auto-fill in a URI with a local TLD (e.g. http://mysite.local or https://mysite.lan) or single-term hostname (e.g. http://localdevice) will not be available for base domain detection. We recommend using host matching.

?

grb · March 12, 2024, 1:53pm

Seems you are right. I would suggest reporting this as a bug (local TLDs are matched on “Base Domain” rule) using a GitHub Issue report.

piotr_dobrogost · March 27, 2024, 7:36am

I reported it here Local TLDs are matched on “Base Domain” rule · Issue #8309 · bitwarden/clients · GitHub and the only person who left a comment couldn’t reproduce it.

grb · March 27, 2024, 1:33pm

Maybe try contacting support to see if they can troubleshoot (in case it’s an issue on your end)?

I don’t have access to a .local domain that I could test on, unfortunately.

piotr_dobrogost · March 27, 2024, 1:54pm

You could easily have any domain you want locally using hosts file – hosts (file) - Wikipedia

grb · March 27, 2024, 1:59pm

Thanks — to test your issue, wouldn’t I also need to run a local server that is listening for HTTPS requests sent to the domain? For example, if I go to https://localhost, I just get an error message (“localhost refused to connect”).

piotr_dobrogost · March 28, 2024, 8:19am

Right, you need http server and we can skip https (which requires setting up certificates).
If you have Python you can run http server like this python3 -m http.server 8000 and add port number to test URI – http://test.company.local:8000/

grb · March 28, 2024, 12:30pm

Thanks. I don’t have Python installed on my current laptop, unfortunately. Thus, I don’t want to promise to go ahead with setting up a test for your issue. However, in case I do decide to take those steps, I would need a few more instructions:

How to kill the HTTP server.
How to set up the hosts file entry to associate the Python HTTP server with a .local domain (i.e., what IP address to put in the first column).

piotr_dobrogost · March 28, 2024, 12:58pm

When you run it with python3 -m http.server 8000 it runs in the foreground meaning it waits for your kepresses on command line. When you press Ctrl-C it quits.

In the first column you put IP address of localhost which is 127.0.0.1 so it would be
127.0.0.1 test.company.local