Good day.
I need Captive Portal on the WiFi hotspot that will work without internet and popup a notification or open a login page automatically.
I am using Mikrotik with RouterOS 6.27.
I created hotspot and then added a RegExp in DNS like
.* = HOTSPOT_IP_ADDRESS
It works fine in Windows and iOS since their captive portal detection is based on getting the response from some website. Afaik - any response.
But for Android it must be some special response, with empty content or status code 204 - I am still not sure.
I tried to emulate google pages which give 204 or empty response and did redirection to my server with this emulation pages but it did not help Android to show notification.
So I need help to make captive portal notification in Android without internet.
Thanks.
Everytime your phone gets associated to the APs it will send an initial test URL request. It's a feature of Android to detect that it is trapped and offer to take the user to the splash page so the user can login and release from the trap.
Just make sure that Android's test URL file is allowed to pass the walled garden.
For reference, default Android 4.0.1 AOSP test URLs is http://clients3.google.com/generate_204, which always returns a 204 response code. Even if DNS has been interfered with since in that case a 200 code will be returned instead of the expected 204.
Also, there are some variations with fetching http://www.google.com/blank.html, which will return a 200 code with zero-length response body. So if you get a non-empty body this would be another way to figure out that you are behind a walled garden.
Related
So here is the question
Many times you start your app and and your first API request fails and you realize that even though you're connected through internet You need to login in to Your office' or home network's firewall or sonicwall and login there
So you need to open safari and open your sonicwall page and login there and come back to our app and start it again.
I want my app to detect the same and show the the redirected html page in UIWebView and once the authintication finishes i want to execute the original request withing my app
My question is
1> Is it possible ?
2> If yes how can i achieve it ?
I would suggest using the same captive portal probe URLs that Apple uses in iOS Safari, for maximum compatibility. If those URLs return 200, you shouldn't be behind a (good) captive portal, assuming I'm remembering the details correctly.
You can beef that up further by using reachability APIs to detect network changes, and probing that URL, along with Google's generate_204 URL. And in some places, you'll find Google blocked (China, IIRC), in which case you might also consider a URL with a known, predictable, machine-validateable value, such as Apple's root certificate URL. :-)
When the user signs in, you should get another reachability change event, at which point at least one of your captive portal probes will succeed, and you can reissue any outstanding requests.
I created a router that connects to facebook to get some info before a user may access the internet.
First they connect, get the Captive Portal Page and then continue to a facebook login. Since the upgrade to iOS7 it fails to load the facebook login page. On my mac with the Captive Portal Assistant it has no problems and even on the phone itself while using the iOS version of safari there are no problems.
What is going wrong here? Is facebook filtering request from the iOS7 Captive Portal Assistant or is Apple doing some sneaky stuff here?
It seems the problem is widespread and only related to facebook.
Update: I worked with the beta's and they worked fine a few weeks ago. Now with the same beta version it doesn't anymore. So another point for the facebook explaination.
Regards, Cas
This problem was fixed by Apple since IOS 8. But as all iPhone 4 users can't upgrade to IOS 8 this problem is still one.
The IOS 7 devices check for the following domains:
www.appleiphonecell.com
captive.apple.com
captive.apple.com
www.apple.com
www.itools.info
www.ibook.info
www.airport.us
www.thinkdifferent.us
Whitelisting this domains stops the login mask to be appearing as the IOS device thinks, that the internet is working as expected. This way you have control on the things which happens, as the IOS device does not interrupts anything, if you use a normal browser for login.
If you don't whitelist the domains, the following thing happens. I debugged it on routers with several IOS devices and they all did mostly the same:
If you connect to a wifi, the IOS device tries to connect to one of the domains, which are listed above. If it can contact one of the domains, it tries another one. If it can't, it starts the redirect, which is controlled by the router. Sometimes it query one or more domains, before it thinks, that the internet is working.
After the check, the login screen redirects to your router and then to the login screen of your captive portal. This behavior stayed the same as it was on IOS 6 or before.
Now you start an oauth login to a 3rd party provider like Facebook, Google or Twitter. And now the difference appears. You can check it on a router, if you run it in debug mode. As the IOS device goes to an other domain for oauth login (like www.facebook.com) the iPhone thinks, that something changed and starts to query one of the apple domains, which are listed above. The user sees only a white screen and in the background the IOS device tries to contact one of the domains repeatedly. For the user this seems to be an error, as the screen stays white or takes very long to show the login on the 3rd party provider. Sometimes it stops loading and nothing happens forever.
To avoid this behavior, you must whitelist the above listed domains. This is a not a common behavior for IOS users, but this way, your browser have the control of the login session and the IOS device don't interrupt it as it does with the login screen.
Some shallow parts of information is reported on the following sites:
https://supportforums.cisco.com/docs/DOC-36523
http://www.cadincweb.com/why-your-apple-ios-7-device-wont-connect-to-the-wifi-network
https://discussions.apple.com/thread/5355766
I couldn't find a detailed description of the problem and found the one above myself by debugging all parts with some routers and IOS devices like iPhones and iPads.
I've just tested various router settings and noticed that iOS 7 is NOT trying to contact above mentioned sites/URLs when router's DOMAIN field is blank.
My guess is that blank domain points to a consumer-type network set up and Apple is not expecting a Captive Portal at such network. If you have access to administer your router see if you can clear out the DOMAIN field (and restart/retest).
I found my solution to my problem. (a while ago, but I found this post again)
First I found out, iOS makes 3 calls, first to check, second to get the page that needs to be displayed, third to check again after the pageload. Then I discovered, for every POST or GET action made by the page, regarding of the source page was refreshed, iOS checks for an active internet connection. Since the facebook api makes a lot of calls, the browser starts stalling(possible in combination with QoS on my router) and freezes the page.
My Solution:
Since I am in control of the DNS records of the Router I use, I redirected all domains towards my own server.
First I saved the check request, this to later identify the user when he comes back for the 3th request.
When the second request comes I just display an info window that every thing is right, and the user has to click the "Done" button.
The page is loaded, so iOS checks again, but i recognize the user so I display the OK-code Apple also displays. The "Done" button us show, and the user has "internet", according to iOS..
On the page that I display, I instruct the user to open the webbrowser. When he does, he opens a page and my portal with the right page is shown(I can detect this based on the Browser Agent). Then my facebook api start doing its job, and of we go :-)
Let me know if someone needs some more info on how to detect or maybe even a code sample if necessary.
Extra Information
To capture a user on your own server, redirect every request to your processing page using for example .htaccess. The request is made to a domain with a subfile e.g:
http://captive.apple.com/getrT09Nx7G/YNrnUOulnDj/3cfrq3M40iR.html
To keep multiple users apart, use the unique url the device tries to contact when checking for internet, in this case: /getYT09Nx7G/YN1nUOulnDj/3cfMq3M40iR.html
I've setup a Captive Portal with dd-wrt, wifidog, authpuppy and some plugins from authpuppy as well as my own web app.
I am wondering what's the exact thing that will trigger a
browser on the client device to popup?
Is the popup browser from iPhone/iPad a regular browser mode?
It seems some JavaScript will fail on the browser mode, like the shake.js,
event though iOS Safari version is > 4.2.1 from https://github.com/alexgibson/shake.js/
P.S.:
I've done the research like
http://en.wikipedia.org/wiki/Captive_portal
https://personaltelco.net/wiki/CaptivePortal
they don't talk much about the popup browser.
Could anyone help?
If you will try to see the network statistics [request/response] you will find out that devices like ios and android both of them continuously hits some particular urls [in case of android it is www.google.com/generate_204 , don't remember exact url for ios]. These url are generated by system internally. These pings let their server know about various details. So as soon as ios gets connected with a captive portal it tries to hit the system generated url, failing to which it understands that this is packet level protected network and open the browser.
Hope this helps.
I've got (actually my employer has) a mobile website that enables Safari integration (for iPhones and iPads) - meaning that customers can bookmark it to their home screen and then it would behave as a standalone web app (no address bar, custom icon, start-up image etc).
It works all right except that one week ago (coincidentally soon after apple has released iOS 6.1.2) some of our customers (6 of them initially) complained that they no longer get the normal content but a '404 page' of a public wifi provider (The Cloud owned by Sky here in the UK). After a bit of investigation we've figured that at some point those customers connected to the Cloud wifi without actually logging in (it's one of those providers that would redirect you to a login page to enter your credentials, after which you can carry on browsing). The thing is that even after switching back to their private wifi or mobile data connection the application would display the Cloud's page.
This only happens (as far as I can tell) when the application is launched via the bookmark (I couldn't see this behavior when using it from safari).
What happens is that the customers would connect to the cloud wifi (without logging in), they would open the application at which point the router will issue a redirect response to their login page; the application would cache the login page and it will always display it whenever using the bookmark again. (I've performed a capture when this happens and there are no requests being made at start-up whatsoever).
Even weirder, in this situation, if removing the existing bookmark and adding a new one will show you the same cached page (with the whole operation being performed away from the Cloud). We've fixed this by adding a unique identifier to the URL each time we hit the bookmark screen (this indicates that the web apps' sandboxes are linked to the url, which is to be expected).
What we're trying to achieve is to have the application properly recovering after the customer has moved away from the Cloud. But there doesn't seem to be a straight forward way to do this.
Furthermore there's a level of inconsistency in all of this - most of the times when the flow is performed I will see a 404 page (a custom 404 page https://service.thecloud.net/service-platform), but sometimes I would be properly redirected to the login page, in which case the application would not break.
My assumption is that there is a weird race condition in the standalone web app application model causing the browser not to properly handle redirects (and actually caching 404 pages). I've raised a support incident with Apple (which eventually turned into a bug report) but it might take a while and I'm trying my best to figure out a workaround.
Any ideas, maybe someone has seen this before?
The issue is aggravated by the fact that I need to have a 5 minutes walk ever time I'm testing any fixes; I've tried creating simple test forms, but I wasn't able to reproduce the issue, where as with the full app I can do it pretty much every time.
Here's a summary of the steps to reproduce:
Via private wifi (or mobile data connection) add a bookmark to a website (I've managed to reproduce it with quite a couple of apps that support safari integration as described above)
Open the application to review the normal content
Connect to a Cloud hotspot and open the application from the bookmark (open-close it for a couple of times if you don't get the 404 right away)
Connect to the private wifi (or mobile data connection) and open the application via the bookmark -> you'll see the same 404 page again
In the end the fix was to add a unique query string parameter with the initial page request (pretty easy with the setup we already had, via the launcher page). I've filed a bug report with Apple which they've acknowledged by linking it to a previous item. Here's a post on the topic:
http://blog.onos.ro/ios-6.1.2-caching-issue
I am trying to create an application on BlackBerry 9930 simulator that authenticate the user with Facebook, using the BlackBerry Facebook API. It connects to the login page fine, but after that the entire application crashes, either when asking to review the permission or when the login has succeeded.
I noticed that the authentication process went well since I get a message from Facebook that there is a login, so I am suspecting either the problem with the browserField and/or the simulator. (I tried 3 different BB 7 simulators, all the same though).
Anyone has a way to resolve this? Thank you so much.
It seems that no one has any solution for me :(. But, after messing around with it, I have found an explanation and a solution for it and I think I should share this with you. Sorry for the lateness in the response, though.
Here is the story.
As you probably already know, after supplying the credentials, Facebook returns the access token in the URI which is followed by the # symbol. Now, the BlackBerry Facebook API overrides the handleNavigation() method to ensure that, if the URL contains the access token, it will not be processed. This used to work in earlier versions (prior to BB 7) but somehow, it seems that URL redirection in BrowserField are no longer calling handleNavigation(), but rather handleResource() directly (I don't know why and, to my knowledge, there is no documentation for this change anywhere). The result? It always tries to process the URL that contains the #access_token in it.
Worst, the BB BrowserField thinks that # means a jump to a portion of the page (which doesn't exist). Other browsers (including the BlackBerry Browser) seems to understand that already and print only "Success" on the screen, while the BrowserField does not. And when that happened, the application just stopped working and crashed, sending me back to the home screen.
So what I did was I changed the source code of the BlackBerry Facebook API so that handleResource() now checks by itself whether the access_token is in the URL. Then, the application works fine.