Hi All,

I've posted this here and on the MikroTik subreddit to see if anyone knows of something I'm not aware of, but I'm wondering if there's any allowance in browsers nowdays to permit using a HTTPS authenticated hotspot page to be presented to an end user, without having them see the "This website isn't the one you requested" when they try to load https://www.google.com as their homepage.

I understand that the reason this is shown is that when user has requested www.google.com and the page and SSL certificate returned to them is along the lines of hotspot.example.com the browser should kick up an error, however given all mobile devices now simply tell you there's a login page you're hitting when you try to connect to a new wireless network, is there an allowance for new browsers to do this too, or perhaps something that could be added into a webpage to identify it as a hotspot page to the browser?

Any thoughts or suggestions are welcome.

There is the new HTTP status codes which include 511 "Authentication Required", and although the RFC itself mentions that currently, browsers will show a certificate error on an SSL page, I think browser vendors should be asked to not do that.

That is, if an HTTPS page returns 511 AND contains a certificate AND does a redirect AND the certificate is valid for the domain that the response redirects to... THEN, instead of an error, the user should be presented with a pop up that asks them whether they'd like to follow the redirect or cancel (akin to what happens when you refresh a page with a POST form on it).

I don't have the setup to check IF modern browsers already do that, but if they don't, here's the place to ask them to:Chrome and Firefox. IE is sure to follow if those two can be persuaded.

Excellent, thanks for the link!