Would it be possible to add support for GitHub - tasn/webext-signed-pages: A browser extension to verify the authenticity (PGP signature) of web pages to the web vault? Signed Pages is an extension which verifies that the page you loaded has been signed with a trusted PGP key. If so, it shows a green shield in the address bar. To my knowledge, there is no impact to users without the extension. Supporting this extension would mean it would not be possible to serve the user malicious javascript in the even that the Bitwarden servers are compromised. Alternatively, it would be possible to make this part of the Bitwarden web browser extension instead of users having to use Signed Pages.
I currently self-host Bitwarden behind a VPN at home due to the concern that Bitwarden’s servers would become compromised, serve malicious code in the web interface and result in my vault being compromised. If this extension was supported, I would no longer feel the need to self-host. While I do use the web browser extension 99% of the time, I do occasionally need to login to the web vault in order to administer my account, meaning the web vault is unavoidable.