Comments (6)
Good work! Personally i think that the concept of showing the captive portal by redirection is bad (the host where coova-chilli is running must have a trusted certificate to work with SSL and most mobile browsers does not allow to accept a no-trusted certificate..). So i think to develop something like a mobile app that replaces the captive portal (starting from CoovaAX for example..).
from coova-chilli.
@PINKRA, not sure if you got the way I've implemented this. Take a look, hotspot.example.com is resolved 10.1.0.1 and has a valid certificate from startssl.com. You see, now warnings from the browser.
As public wireless networks are usually not encrypted this is the only way to protect usernames and passwords from being sniffed.
UPD: to be clear, it's impossible to put https on you main portal without these modifications because it leads to loading unsecured content on a secured page and browsers rise warnings about this. So once you set up https on your login pages (and if not – username and password are transferred unencrypted over unprotected wi-fi network) you have to set up https for all the coova sources stored on the hotstop as well.
from coova-chilli.
Yes, my previous considerations were generic and not referred to your specific work that i appreciate. I suggest you to make a pull request for your fixes.
from coova-chilli.
Perfect, so I'll make a single pull request for all the mentioned things a bit later. I'll also make PAP passwords optional.
from coova-chilli.
Can this ticket be closed?
from coova-chilli.
Yep, sorry, no time for PAP support, I'll make a pull request if I'll find time for it.
from coova-chilli.
Related Issues (20)
- How to use --routeif=STRING ?
- How to use ipwhitelist option? HOT 8
- XT_COOVA state value isn't updated | Ubuntu 20.04.4 LTS / Kernel 4.15.0-189-generic HOT 1
- coova-chilli with Python 3
- Coova-chilli compile error using the latest OpenWrt Master branch (July 31 2022)
- Connected users to chilli hotspot disconnects HOT 2
- Chilli dose not update time/date after NTP sync HOT 1
- Fix HOT 2
- no snat rule in the up.sh and down.sh HOT 5
- Push routes to clients? HOT 4
- XT_COOVA not "called"? HOT 3
- Is the coova project dead? HOT 6
- Help with iptables and XT_COOVA HOT 1
- Сannot authorize the user by sessionid HOT 3
- compatibility with PHP 8.1 HOT 7
- How to open Splash page in Default Browser Automatically HOT 1
- XT-coova "screwing up" all "readings" - iptables in particular HOT 1
- cmdline.ggo HOT 1
- Coovachilli json wispr-bandwidth-max-down
- Will the next version be released? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from coova-chilli.