I am writing an application wherein I would like to check if the user is connected to the Access Point, but network access is not permitted(due to presence of captive portal).
The following URL is a test server from Microsoft, and if everything is successful then it returns HTTP 200 , with content as "Microsoft Connect Test" http://www.msftconnecttest.com/connecttest.txt
To return the status back to the user, I would like to double check with one more test server, which returns some content in the HTML response.
There is one test server from Google as "http://connectivitycheck.gstatic.com/generate_204", but this gives empty HTML response.
Couple of servers are available from Mozilla and Apple, but all returns "SUCCESS" in HTML response.
Why I dont prefer any test server which returns merely "SUCCESS" in HTML body is because, it doesnt allow me to test the scenario of content tamper attack.
pl reply if you know any other standard server to test captive portals...
~Ashish
To know that you are connected to a captive portal on which you have not been authenticated yet, you can use any https (http over SSL/TLS) URL since the captive portal will not be able to complete a correct handshake because it does not have the secret key associated to a valid X.509 certificate that has been signed by a known root CA or an intermediate one. Moreover, this protects you against content tamper attack.
Once authenticated to the captive portal, you can check that the captive portal makes use of a transparent proxy using any http URL with the HTTP/1.0 protocol, since most captive portals look for the « Host: » header (that appeared in HTTP/1.1) to be able to get the real host you want to connect to.