As I tested, apple CNA login page doesn’t store cookies in any versions of ios (8,9,10) (Although there is an article suggesting it does http://appleinsider.com/articles/16/01/20/apple-patches-ios-captive-portal-bug-that-let-hackers-impersonate-victims-online, but I couldn’t find how), So I think the only option to keep the session is relying on MAC address but I belive it’s easliy sniffable. Is there any way to store cookie in apple login page? Is using MAC address a good idea?
I also tried to use WISPr to keep the login. but the only documentation I found about this was some lines of code. I didn’t how it works and what should be done?
Another way is totally bypass the apple CNA and force the user to use a the real browser which introduces new problems. First which URLs apples check in different version of ios? And it makes it a little hard to tell the user how to use the system.
As I tested ios 10.3.3 and 9.0.2 it only checks urls under captive.apple.com.
windows checks www.msftconnecttest.com
android checks clients clients3.google.com
Is there similar problem with android or windows devices?