Menu
It looks like in ios7 the URL that the device sends a request to to check whether it has an internet connection after connecting to wifi has changed (for the much worse!).
in ios6 and earlier,the request was :
GET /library/test/success.html HTTP/1.0
Host: www.apple.com
User-Agent: CaptiveNetworkSupport/1.0 wispr
Connection: close
(source)
But now in ios7, it can access 'upto 200' (according to cisco ).
Having tested this myself, I can confirm the requests randomly go to appleiphonecell.com, captive.apple.com, airport.us, ibook.info among others.
So my question is: Does anyone have a full list of these URLs (maybe it's just every domain Apple own)? We run a captive portal on our wifi, but just to let users know they need to connect to the VPN after connecting to wifi. Clicking 'cancel' on the captive portal log in page sometimes presents the option 'use without internet' which will then allow the user to connect to the VPN, but sometimes, clicking 'cancel' doesn't give this option, and just disconnects the wifi connection straight away, which then means the user can't connect to the VPN.
Before we could just forge a response to the specific URL (library/test/success.html) which would then leave the wifi connected. We can do this again if we had a list of the sites it can access, otherwise we might have to go back to the drawing board with our captive portal! (Or await an ios7 update that fixes the option to 'use without internet' , which isn't appearing every time). Think we'll look into doing based on user agent for now if thats possible.
Edit-wee update, looks like UA is staying consistent at least with 'CaptiveNetworkSupport' being the common denominator, so we'll change to UA checking for the time being.
338
Traditionally, captive networks rely on intercepting traffic from the person connected. By default, iOS and macOS automatically send a probe when joining your network for the first time to detect this interception, and display the captive portal login page.
There's no way to disable Apple's portal-connection behavior: it's intended and expected. The only way to avoid seeing it is to never connect to public hotspots that require a portal to log in.
What you need to do is, when this message pops up, what you need to do is go to wifi settings and try to find to which wifi is your iphone trying to connect. Once you find the name to the wifi which your iphone is trying to connect it, you need to select “Forget this network”.
Captive networks are also called "subscription" or "Wi-Fi Hotspot" networks. You can find these networks in coffee shops, Internet cafes, hotels, airports, and other public locations.
Interesting enough, www.appleiphonecell.com and captive.apple.com both currently resolve to Akamai addresses.
~/ > host captive.apple.com
captive.apple.com is an alias for captive.apple.com.edgekey.net.
captive.apple.com.edgekey.net is an alias for e7279.e9.akamaiedge.net.
e7279.e9.akamaiedge.net has address 23.212.87.91
But airport.us and friends resolve directly to to Apple's Class A network.
~/ > host airport.us
airport.us has address 17.149.160.87
airport.us has address 17.172.224.81
From these IP addresses you can find many more hostnames that have the same PTR record. Adding the path /library/test/success.html most often results in a direct response or a redirect to the same page on the www.apple.com hostname.
~/ > host 17.149.160.87
87.160.149.17.in-addr.arpa domain name pointer airport.us.
87.160.149.17.in-addr.arpa domain name pointer ibook.info.
87.160.149.17.in-addr.arpa domain name pointer macbookair.net.
87.160.149.17.in-addr.arpa domain name pointer macintosh.me.
87.160.149.17.in-addr.arpa domain name pointer applecare.info.
87.160.149.17.in-addr.arpa domain name pointer macintosh.info.
87.160.149.17.in-addr.arpa domain name pointer itunes.info.
87.160.149.17.in-addr.arpa domain name pointer itunes.us.
87.160.149.17.in-addr.arpa domain name pointer iphoto.us.
87.160.149.17.in-addr.arpa domain name pointer applecare.us.
87.160.149.17.in-addr.arpa domain name pointer macbook.us.
87.160.149.17.in-addr.arpa domain name pointer itunesmobile.com.
87.160.149.17.in-addr.arpa domain name pointer ipod.us.
87.160.149.17.in-addr.arpa domain name pointer itunestelevision.com.
87.160.149.17.in-addr.arpa domain name pointer macosxversions.com.
87.160.149.17.in-addr.arpa domain name pointer itunes.me.
87.160.149.17.in-addr.arpa domain name pointer itunesaircheck.com.
87.160.149.17.in-addr.arpa domain name pointer mac.us.
87.160.149.17.in-addr.arpa domain name pointer macbookair.us.
87.160.149.17.in-addr.arpa domain name pointer ipod.me.
87.160.149.17.in-addr.arpa domain name pointer applestore.info.
87.160.149.17.in-addr.arpa domain name pointer iphone.me.
87.160.149.17.in-addr.arpa domain name pointer osxlionlaunchpad.com.
87.160.149.17.in-addr.arpa domain name pointer macgestures.com.
87.160.149.17.in-addr.arpa domain name pointer macbookair.org.
87.160.149.17.in-addr.arpa domain name pointer mac.info.
87.160.149.17.in-addr.arpa domain name pointer macos.us.
87.160.149.17.in-addr.arpa domain name pointer myipod.net.
87.160.149.17.in-addr.arpa domain name pointer itunesu.net.
87.160.149.17.in-addr.arpa domain name pointer appleiphonecell.com.
87.160.149.17.in-addr.arpa domain name pointer firewire.us.
87.160.149.17.in-addr.arpa domain name pointer airport.info.
87.160.149.17.in-addr.arpa domain name pointer itunesparty.com.
87.160.149.17.in-addr.arpa domain name pointer applecomputer.info.
87.160.149.17.in-addr.arpa domain name pointer appletv.info.
87.160.149.17.in-addr.arpa domain name pointer applecomputers.us.
87.160.149.17.in-addr.arpa domain name pointer idvd.us.
87.160.149.17.in-addr.arpa domain name pointer osx.info.
87.160.149.17.in-addr.arpa domain name pointer macbookair.info.
87.160.149.17.in-addr.arpa domain name pointer itunesu.org.
87.160.149.17.in-addr.arpa domain name pointer itunesuniversity.com.
87.160.149.17.in-addr.arpa domain name pointer imovie.us.
87.160.149.17.in-addr.arpa domain name pointer theapplestore.org.
87.160.149.17.in-addr.arpa domain name pointer macbookpro.org.
87.160.149.17.in-addr.arpa domain name pointer apple.me.
87.160.149.17.in-addr.arpa domain name pointer itools.info.
87.160.149.17.in-addr.arpa domain name pointer thinkdifferent.us.
87.160.149.17.in-addr.arpa domain name pointer thinkdifferent.info.
87.160.149.17.in-addr.arpa domain name pointer macintosh.us.
87.160.149.17.in-addr.arpa domain name pointer ipod.info.
87.160.149.17.in-addr.arpa domain name pointer applescript.us.
87.160.149.17.in-addr.arpa domain name pointer quicktime.info.
87.160.149.17.in-addr.arpa domain name pointer macosxlionairdrop.com.
87.160.149.17.in-addr.arpa domain name pointer itunesshow.com.
87.160.149.17.in-addr.arpa domain name pointer airtunes.net.
87.160.149.17.in-addr.arpa domain name pointer ipod.net.
87.160.149.17.in-addr.arpa domain name pointer macos.info.
87.160.149.17.in-addr.arpa domain name pointer imac.info.
87.160.149.17.in-addr.arpa domain name pointer imac.us.
87.160.149.17.in-addr.arpa domain name pointer appleiosv.com.
87.160.149.17.in-addr.arpa domain name pointer ipodnano.me.
In our tests it looked like the CNA also triggers requests with not only "CaptiveNetworkSupport" but a common WebKit User-Agent identifier. Have you actually succeeded in checking only the User-Agent header for CaptiveNetworkSupport?
This is really a mess.
5
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
