Skip to content

Serve Apple app site association file#7191

Merged
dani-garcia merged 1 commit into
dani-garcia:mainfrom
user71424q:fix/apple-app-site-association
May 17, 2026
Merged

Serve Apple app site association file#7191
dani-garcia merged 1 commit into
dani-garcia:mainfrom
user71424q:fix/apple-app-site-association

Conversation

@user71424q

Copy link
Copy Markdown
Contributor

Summary

Serve /.well-known/apple-app-site-association from vaultwarden.

Right now the request falls through to the web vault catch-all route:

#[get("/<p..>", rank = 10)]

That route takes a PathBuf, and Rocket rejects .well-known before the static file lookup runs. The result is a 422 Unprocessable Entity instead of an AASA response.

Changes

  • Add an explicit GET /.well-known/apple-app-site-association route before the catch-all web vault route.
  • Return JSON with Content-Type: application/json.
  • Use the current Bitwarden iOS app identifiers:
    • LTZ2PFU5D6.com.8bit.bitwarden
    • LTZ2PFU5D6.com.8bit.bitwarden.beta

Notes

I'm keeping this scoped to the server-side endpoint. This fixes the 422 response for the AASA URL, but it does not claim to fully solve every iOS passkey/auth-loop case by itself.

Verification

I checked the route behavior with a minimal Rocket reproduction using the same catch-all route shape.

Before adding an explicit route:

GET /.well-known/apple-app-site-association
PathBuf guard forwards with BadStart('.')
status: 422 Unprocessable Entity

After adding the explicit route:

GET /.well-known/apple-app-site-association
status: 200 OK
content-type: application/json

I also ran:

cargo fmt --all -- --check
git diff --check

Finally, I ran the repository CI on my fork for commit 399742b; all checks passed:

  • Build and Test / msrv
  • Build and Test / rust-toolchain
  • Code Spell Checking
  • Hadolint
  • Check templates
  • zizmor

Refs #7186

@dani-garcia dani-garcia left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't test it but it looks reasonable enough, thanks!

@dani-garcia
dani-garcia merged commit d626ea8 into dani-garcia:main May 17, 2026
9 checks passed
zaid-marji pushed a commit to zaid-marji/vaultwarden that referenced this pull request May 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants