Thanks Alex - already mentioned upthread.

Here's a funny story about HTTPS.

I was at a hotel in Washington yesterday and tried to use their WiFi. I could connect, but when I went to Google I got an error that the browser wouldn't let me proceed due to a broken SSL connection and Googles HSTS policy. I was completely baffled as previously I would just hit the proceed link at the bottom and the captive portal would authenticate.

So what do you do when you have a baffling error and can't Google it? I popped out my phone and used the wireless network to Google it, and went down the HTTP Strict Transport Security (HSTS) headers and captive portal authentication gotcha rabbit hole.

The bottom line is that the only workaround is to go to a HTTP site first, allow the captive portal to authenticate, then go to HTTPS sites afterwards. But what sites are using HTTP now? I tried all manner of sites and kept getting hit with the bug.

Then a solution hit me, a site that is steadfastly using HTTP! I went to this forum and the problem was solved. But quite honestly this is a huge flaw that Google is ignoring and they need to work with the captive portal venders to fix it.

example.com. And it always will be, because that's the IETF standard test site for HTTP.

As for the security stuff; it's easy to fabricate excuses for why bad actors shouldn't be interested in attacking your system. But that's generally a good way to have a security issue in the future, because the attackers are far more motivated than you are to find some way to make use of your system for nefarious purposes.

_________________
Curt J. Sampson - github.com/0cjs

Hey thanks for the link! That will help in the future.

As for the captive portal issue. I have noticed a number of hotels getting rid of the authentication screen, and I wondered why. My guess is explaining this issue to random guests isn't possible. Telling them to type in example.com first is a lost cause.

There's nothing steadfast about it, there's an active effort to migrate, which has already been talked about on the forum.

_________________
- Mike Naberezny (mike@naberezny.com) http://6502.org

OK, unfortunate choice of words then. I just thought I would share both the knowledge of the captive portal authentication bug, and how the current configuration solved my issue.

Yeah, I can confirm that it is in-progress. Mike actually showed me the new HTTPS enabled version of the site, as-was at the time. Though the link appears to be dead now

_________________
Want to design a PCB for your project? I strongly recommend KiCad. Its free, its multiplatform, and its easy to learn!
Also, I maintain KiCad libraries of Retro Computing and Arduino components you might find useful.