from Hacker News

CoffeeShopWifi.com – An HTTP website for connecting to guest WiFi

by jastr on 7/8/21, 1:43 PM with 83 comments

by ykat7 on 7/8/21, 4:27 PM
I like the straightforward explanation this site provides. That said, I tend to use http://example.com to trigger captive portals because it's an IANA reserved domain [1] that other people can't register.
This gives me confidence to browse to it without fear that the domain could lapse in the future and get taken over (e.g. in a watering hole attack).
[1]: https://www.iana.org/domains/reserved
by franze on 7/8/21, 4:42 PM
Similar to http://neverssl.com/ I guess?
by jacobwil on 7/8/21, 4:51 PM
My favorite version of this trend remains http://alwayshttp.com because https://alwayshttp.com doesn't work since alwayshttp.com:443 doesn't connect.
On the other hand, it's possible to reach https://coffeeshopwifi.com and (with a cloudfront certificate error) https://neverssl.com which makes me wonder if something in whatever I'm using is trying to upgrade to HTTPS when I fail to reach them.
by jedberg on 7/8/21, 5:21 PM
http://captive.apple.com/ is pretty much always up because it has some pretty strong infrastructure behind it since billions of Apple devices connect to it automatically. It's always my goto for captive portals.
by wyldfire on 7/8/21, 5:19 PM
Seems like the DHCPACK message and/or router advertisement could/should have a reference to the URI that has policy/billing form that's required to utilize a gateway. That way we don't need a special magical service that expects to be redirected to the policy form. AFAICT each OS/distro seems to solve this their own way currently, with their own service.
Does any such standard feature already exist?
by sbr464 on 7/8/21, 4:59 PM
http://www.neverssl.com
by jraph on 7/8/21, 10:54 PM
I use http://perdu.com/
It says:
```
    Perdu sur l'Internet ?
    Pas de panique, on va vous aider
    
        * <----- vous êtes ici
```
Translation:
```
    Lost on the Internet?
    Don't panic, we are going to help you
    
        * <----- you are here
```
It is funny, it's been up and without change for decades (amazingly; first snapshot on archive.org in 1998, Wikipedia reports it's been there since 1996!), never had a https version, never noticed a downtime and I've yet to see a page that combine such a short / easy to type URL with such a short size (only 163 bytes, which is useful on spotty / weak connections).
Hard to beat.
CoffeeShopWifi.com is certainly a good idea, could be added to the favorites of non-technical English speakers. Coffee shops are not the only places with captive portal though, here in France they are common on Wifi access points provided by ISPs to their customers when they are roaming, and by the train company (SNCF) in trains and train stations.
Captive Portal is probably too technical so naming this is hard.
by gmontanola on 7/8/21, 8:19 PM
My go-to site for this is: http://pudim.com.br
Pudim is portuguese for pudding. This website runs for as long as I can remember and there is only low-res photograph of a pudding.
by hkolk on 7/8/21, 4:42 PM
same kind of website but easier to remember for me: http://neverssl.com
by jastr on 7/8/21, 5:30 PM
Neat to see all the alternatives. I'm not sure what non-technical folks do when faced with this problem, so I picked a friendly domain name.
Ironically, if CoffeeShopWifi.com works successfully, the users won't see it.
by kevincox on 7/8/21, 5:11 PM
It seems that HTTPS is available which made my browser (in HTTPS-only mode) connect to the HTTPS site. I suppose that if HTTPS was blocked it would allow me to fall back to HTTP but it gives a much less clear error than something like http://neverssl.com/ does.
by ChrisArchitect on 7/8/21, 8:28 PM
this doesn't explain why you should connect to the site or would need to use it. That first paragraph could describe the scenario.
As I haven't been inside a coffee shop or any public wifi scenario in over a year I was trying to remember what the use case was for this....
by imwally on 7/8/21, 8:56 PM
Yeah, captive portals are annoying. I got so frustrated with trying to connect to Starbucks' WiFi that I ended up writing my own script [1] that would allow me to authenticate from my terminal. I even wrote about what happens behind the scenes when you connect. [2]
1: https://github.com/imwally/coffeeconnect
2: https://nil.wallyjones.com/what-happens-when-you-connect-to-...
by robbiemitchell on 7/8/21, 4:49 PM
I don't understand how this (and other similar sites mentioned) work. What is going on with the network that makes visiting a non-SSL site make it work? Anyone care to offer an explanation or have a link to one?
by droopyEyelids on 7/8/21, 10:50 PM
I ctrl-f'd and didn't see anyone mention that you can look at your wifi settings, and visit the router aka default gateway IP to connect to the portal directly.
So like if your settings say your gateway is 192.168.0.1, go to https://192.168.0.1
This will work in situations where even a site like coffeeshopwifi.com doesn't
by firefoxd on 7/8/21, 5:07 PM
I've noticed neverssl.com and others failing for me the past couple months. The browser caches them so the page is never redirected.
by FanaHOVA on 7/8/21, 5:29 PM
I just go to 192.168.1.1 and it works fine most of the time (I can't remember when it didn't work, but just in case...)
by Y_Y on 7/8/21, 5:06 PM
I used to use purple.com for this. Anyone who used it back in the golden age of the internet knows it was ideal for such purposes. It even had that squirrel game. Anyway after many many years of serving that masterpiece over plain http the guy sold the domain to some fucking matress company who insists on SSL.
by sontek on 7/9/21, 3:24 AM
I use http://neverssl.com :)
by swiley on 7/8/21, 4:40 PM
My personal website (the top level index) is effectively a brochure with nothing that could be used for authenticating (there's a very broken javascript crypto app on it but that's just a toy and is clearly marked as such.) I always just use that.
by darwinwhy on 7/8/21, 9:00 PM
http://zombo.com
by denysvitali on 7/8/21, 5:38 PM
Basically, http://clients1.google.com/generate_204 with a more memorizable URL
by larskarbo on 7/8/21, 5:46 PM
I use http://asdf.com for this. The main advantage being its so easy to type
by tyingq on 7/8/21, 10:25 PM
I thought most devices had solved this with their own captive portal detection logic and websites now. Is that not the case?
by jaflo on 7/8/21, 8:27 PM
Similarly http://http.rip/ is short and memorable
by jpetrucc on 7/8/21, 9:39 PM
I like to use http://http.rip/ for this!
by tarkin2 on 7/8/21, 8:50 PM
OT: But the website's source has a great way to stop (I guess most) web scrapers from scraping email addresses.
by ipv6ipv4 on 7/8/21, 5:47 PM
I wish captive WiFi sign in pages would just go away. They hinder usability while providing no value to anyone.
by c0nsumer on 7/8/21, 5:52 PM
I own and maintain dingleberrypie.com and maintain it as a non-HTTPS site for exactly this reason.
by mahathu on 7/8/21, 9:07 PM
I use att.com if the OS doesn't show the portal automatically, it's nice and short.
by rodonn on 7/8/21, 5:31 PM
I use t.co (owned by twitter). Its major benefit is extremely short to type and no https.
by vincentmarle on 7/8/21, 5:03 PM
> Coffee Shop Wifi always connects with HTTP instead of secure HTTPS. This allows guest wifi networks to show you their internet login page.
I always go to http://paulgraham.com when I need to connect to guest WiFi for the exact same reason..
by jonny_eh on 7/8/21, 5:58 PM
Don't most OSes include a mechanism to visit a non-SSL site automatically?
by arthurcolle on 7/8/21, 5:46 PM
Can't you always just go to 10.0.0.1?
by zacharycohn on 7/8/21, 6:19 PM
I always use lolwut.com for this
by imwillofficial on 7/8/21, 5:34 PM
This is one of those ideas, so simple, so necessary, so brilliant, that I'm jealous I didn't come up with it.
Great work!
by cjtrowbridge on 7/8/21, 9:39 PM
Neverssl.com is nice too
by lxe on 7/8/21, 5:55 PM
I go to 1.1.1.1