WiFi - login page redirection not working

Vincent Bernat bernat at luffy.cx
Fri Dec 1 06:32:13 CST 2017


 ❦ 30 novembre 2017 18:26 -0800, Owen DeLong <owen at delong.com> :

>> SSL requests are.  For example, Google cache's their 301 redirect
>> from http://www.google.com <http://www.google.com/> to
>> https://www.google.com <https://www.google.com/> which means clients
>> that had access while that browser ps stays active will still
>> attempt https instead of http, regardless of what you actually type.
>
> Right, you’re talking about HSTS as I mentioned below.
>
> However, if there’s a well known URL for getting the captive portal to
> work (e.g. http://captive.portal), then we educate users (or
> browsers that they can type captive.portal (or whatever URL we choose)
> instead of google (which was my traditional go to before HSTS,
> I admit) and voila… Problem solved.

You can use http://neverssl.com/.

But as mentioned earlier in the discussion, most OS have a non-HTTPS URL
to detect a captive portal. They can display notifications to the user
when they detect a captive portal. Browsers have that too.

iOS/macOS: http://captive.apple.com/hotspot-detect.html
Windows: http://www.msftncsi.com/ncsi.txt
Ubuntu: http://start.ubuntu.com/connectivity-check
Firefox: http://detectportal.firefox.com/
Chromium: http://clients3.google.com/generate_204

DHCP and neighbor discovery can also provide the information of the
login page: https://tools.ietf.org/html/rfc7710
-- 
After all, all he did was string together a lot of old, well-known quotations.
		-- H. L. Mencken, on Shakespeare


More information about the NANOG mailing list