Captive portal doesn't appear automatically on SBB-FREE

Bug Reports
,
#1

REPRODUCIBILITY: 100% (always)
OSVERSION: 4.4.0.68
HARDWARE: Sony Xperia 10 II - Dual SIM - xqau52 - xqau52 - 0.0.2.119 - aarch64
UI LANGUAGE: Français (user: fr_FR, os: fr_FR.utf8)
REGRESSION: no

DESCRIPTION:

Sailfish OS is unable to open automatically the captive portal when it’s connected on free Wi-Fi SBB-FREE provided by the Swiss Federal Railways.

You need to visit an unsecure website like neverssl.com to be redirected on the captive portal.

PRECONDITIONS:

It’s mandatory to provide a phone number on the 1st connection. Once you’re registred, you can login each time you connect on this Wi-Fi.

STEPS TO REPRODUCE:

  1. Connect to SBB-FREE
  2. Wait until captive portal/notification appears

EXPECTED RESULTS:

Captive portal appears automatically.

ACTUAL RESULTS:

Nothing happens and you have to visit an unsecure website to login on the Wi-Fi.

MODIFICATIONS:

  • Patchmanager: yes
  • OpenRepos: yes
  • Chum: yes
  • Other: yes:
    OKBoard, Sailfish-Ease

ADDITIONAL INFORMATION:

Device Owner User: defaultuser
Home Encryption: enabled

the initial version of this bug report was created using Bugger 0.9.8+git1
Community meeting on IRC 10th November 2022
#2

Thanks for highlighting this @pherjung. These kinds of issues can be challenging to resolve without access to the wifi network in question, however I think we’ve seen something similar to this before, so it’s definitely worth looking into.

I’ve recorded an internal issue for it and tagged it as “tracked”. I’ll do my best to post any updates about it back here.

And if anyone else experiences this on other wifi networks with captive portals, it would be useful if you could please share your experiences here.

#3

@pherjung could you check what ipv4.jolla.com responds? Maybe it is enough to curl it.

1 Like
#4

Here are the results. I see nothing strange.

[defaultuser@Xperia10II-DualSIM ~]$ curl -I ipv4.jolla.com
HTTP/1.1 200 OK
Server: awselb/2.0
Date: Sat, 03 Dec 2022 04:37:45 GMT
Content-Type: text/html
Content-Length: 39
Connection: keep-alive
X-ConnMan-Status: online

[defaultuser@Xperia10II-DualSIM ~]$ curl -I rts.ch
HTTP/1.1 303 See Other
Content-Length: 0
Connection: close
location: https://freewlan.sbb.ch/c/s/ab180f24-383d-4459-be73-2489db6ffdef/?s=0a37e930-0962-4a62-9e83-3c6328b6eb02&i=http%3A%
2F%2Frts.ch%2F
expires: 0
cache-control: private, no-cache, no-store, must-revalidate
server: MPP by onway ag
date: Sat, 03 Dec 2022 04:38:21 GMT
X-MPP-Cache-Status: MISS
X-MPP-Response-Time: 0.001
X-MPP-System-Name: sbb-mpp20bn.sbb.wlp.is
1 Like
#5

The result for ipv4.jolla.com is very strange. That should be the captive portal answer (3xx redirect) and not 200 ok… Can you curl http://detectportal.firefox.com/canonical.html ?

curl -I was a good idea, can you also do a regular curl to see the delivered content?

(it looks like some requests are allowed without signing in to the portal, i wonder why and if you could exploit that to build a proxy…)

#6 
defaultuser@Xperia10II-DualSIM ~]$ curl -v ipv4.jolla.com
*   Trying 54.194.28.70:80...
* Connected to ipv4.jolla.com (54.194.28.70) port 80 (#0)
> GET / HTTP/1.1
> Host: ipv4.jolla.com
> User-Agent: curl/7.81.0-DEV
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 303 See Other
< Content-Length: 0
< Connection: close
< location: https://freewlan.sbb.ch/c/s/f86c8c81-87fc-4d3b-99ac-b5daa1cb46d3/?s=20b4679b-6edb-44fa-815e-546eea36707c&i=http%3
A%2F%2Fipv4.jolla.com%2F
< expires: 0
< cache-control: private, no-cache, no-store, must-revalidate
< server: MPP by onway ag
< date: Sun, 04 Dec 2022 05:40:43 GMT
< X-MPP-Cache-Status: MISS
< X-MPP-Response-Time: 0.000
< X-MPP-System-Name: sbb-mpp20bn.sbb.wlp.is
<
* Closing connection 0

[defaultuser@Xperia10II-DualSIM ~]$ curl -v detectportal.firefox.com/canonical.html
*   Trying 34.107.221.82:80...
* Connected to detectportal.firefox.com (34.107.221.82) port 80 (#0)
> GET /canonical.html HTTP/1.1
> Host: detectportal.firefox.com
> User-Agent: curl/7.81.0-DEV
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 303 See Other
< Content-Length: 0
< Connection: close
< location: https://freewlan.sbb.ch/c/s/f86c8c81-87fc-4d3b-99ac-b5daa1cb46d3/?s=20b4679b-6edb-44fa-815e-546eea36707c&i=http%3
A%2F%2Fdetectportal.firefox.com%2Fcanonical.html
< expires: 0
< cache-control: private, no-cache, no-store, must-revalidate
< server: MPP by onway ag
< date: Sun, 04 Dec 2022 05:41:39 GMT
< X-MPP-Cache-Status: MISS
< X-MPP-Response-Time: 0.001
< X-MPP-System-Name: sbb-mpp20bn.sbb.wlp.is
<
* Closing connection 0
1 Like
#7

Interesting that you didnt receive a 200 this time… But still doesnt detect the captive portal?

#8

Before I tested with curl, I got a notification but there wasn’t any redirection. I had to open a unsecure page again to be redirected and get connected. It this case, it may be the network the problem.

I’m wondering what is the mechanism to activate the notification.

#9

What do you mean by no redirection? You clicked the notification, but nothing happened?

#10

Yes, it opened the “browser” and the page stayed blank.

#11

Maybe it cant render the captive portal… Can you curl that?

#12

I’m bit lost. What should I curl?

#13

the captive portal, if the page stays blank it would be interesting to see what is on the page. Do that when the notification shows up, curl and then click the notification to see if it is still blank.

Maybe even better to check for the current url before by doing curl -v ipv4.jolla.com | grep location | cut -n1 again and getting location.

in one line something like this:

curl -v ipv4.jolla.com |tee /dev/tty | grep location | cut -d " " -f3 | xargs curl --include
#14

I got a hint. Executing following command open the captive portal and connect my device to the network:

/usr/bin/sailjail -p sailfish-captiveportal.desktop /usr/bin/sailfish-captiveportal -captiveportal ipv4.jolla.com

Now I have to find out how to trigger this command.