Captive Portal

From Leo's Notes
Last edited on 30 December 2021, at 02:07.

A captive portal is a private website operated in a restricted network to control access on a network. It is typically found on wireless networks that require users to log in or accept an agreement before internet access is granted. Captive portals are implemented by redirecting all HTTP requests to the provider's website.

Most operating systems will immediately open a web browser upon detecting a captive portal.

Captive Portal Detection

Operating systems will show a captive portal screen if it detects a 302 Found (or previously known as Moved Temporarily) redirection when checking for internet access against a known domain name on port 80.

For consistent connection handling, all HTTP requests should be redirected until network access is granted. Note that simply resolving all hosts to a particular IP is not sufficient to trigger a captive portal; a 302 redirect must be performed.

Most mobile devices poll their detection URLs at regular intervals, between 30 seconds to 5 minutes. For best results, if you decide a user's session is over, you should disconnect the client by disassociating them from the AP such that they will reconnect and trigger the captive portal detection again.

Operating System Domains
Windows

Documentation

www.msftncsi.com
Android clients3.google.com

connectivitycheck.gstatic.com

connectivitycheck.android.com

Apple MacOS

iOS

www.appleiphonecell.com

captive.apple.com

www.apple.com

.apple.com.edgekey.net

Samsung www.samsung.com
Firefox (browser) detectportal.firefox.com


See Also