[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
WiFi - login page redirection not working
- Subject: WiFi - login page redirection not working
- From: owen at delong.com (Owen DeLong)
- Date: Thu, 30 Nov 2017 11:07:09 -0800
- In-reply-to: <CAP-guGUgR7UVhtXH1jEMidNrR0-typMnwjCW5mWZz-4XLJbG=A@mail.gmail.com>
- References: <CAOLsBOvE6Nin=2qEPJc6mxkHx8R6ekGEWza6zPOCObh2-yE5PQ@mail.gmail.com> <CAAAwwbU7aSad8fbrcBOjg1h5aaWFGL_ZBdVLfRn24-nkuuq8FQ@mail.gmail.com> <CAN9qwJ96=1xfs6eXGRLzTMhBWvXGxBsy7dTXW7viopODY6stiA@mail.gmail.com> <[email protected]> <CAP-guGUgR7UVhtXH1jEMidNrR0-typMnwjCW5mWZz-4XLJbG=A@mail.gmail.com>
> On Nov 30, 2017, at 10:15 , William Herrin <bill at herrin.us> wrote:
>
> On Thu, Nov 30, 2017 at 1:08 PM, Owen DeLong <owen at delong.com <mailto:owen at delong.com>> wrote
> > On Nov 30, 2017, at 08:20 , Josh Luthman <josh at imaginenetworksllc.com <mailto:josh at imaginenetworksllc.com>> wrote:
> >
> >> If TLS would somehow allow you to redirect...
> >
> > No but it would be nice to have a solution that redirects the user instead
> > of "this page can't load" creating confusion.
>
> A well-known non-SSL (non-HSTS) URL that users could use for this purpose would
> serve the same purpose without producing the security problems mentioned.
>
> A well known SSL certificate that if it appears during negotiation means the application should "check for captive portal.â??
This would require modification of all clients and I see no advantage to it vs. a well known
locally resolvable URL for captive portals that â??MUST NOTâ?? indicate HSTS.
Please explain.
Owen