On Mon, 15 Jun 2015, Stephen John Smoogen wrote:
Is the code on how ChromeOS or Android detects captivity part of the 'public' code? It seems to do a 'good' job in finding many captive portals so might be something to get an idea on how many weird ways things are out there.
I think everyone does it similarly. Apple, Google, etc. You have a web server with a guarantee on no HTTP redirect. You expect some specific content, typicall "OK" to be there in the proper mime type. (usually text) If you get different text or a redirect or other error (eg forbidden) then you assume you're in a captive portal. Apple (foolishly) used to use something like http://apple.com/hotspot on their main site itself, which meant that using a VPN on demand could never protect apple.com because the iphone had to leave that domain out of the vpn trigger list or else all hotspot detection would be broken. It seems they have switched to captive.apple.com with returns "Success". It has a TTL of 10 (after a CNAME redirect into Akamai) but it is missing a AAAA record. Guess there aren't many ipv6 captive portals yet :P Paul -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
