[CoovaChilli] Chrome on Android (https)

José Borges jose.borges at algardata.pt
Mon Sep 26 17:00:32 BST 2016

Yes I had this problem BEFORE i changed the DNS1 and DNS2, and removed anything related to Google (DNS's) from my UAMDOMAINS in the chilli config.

Now when I connect to the WIFI, I get a "YOU NEED TO START A SESSION" in the WIFI android list, and when I click it and choose CONNECT, the Chrome opens and after a few seconds (trying to open www.google.com) the browser shows the UAM page OR a icon saying CHECK YOUR INTERNET CONNECTION (open your browser to conclude the connection) which then opens the UAM page.

> -----Mensagem original-----
> De: Denis Dorigo [mailto:denis.dorigo at waveloc.com]
> Enviada: 26 de setembro de 2016 16:55
> Para: José Borges <jose.borges at algardata.pt>; Sevan Janiyan
> <venture37 at geeklan.co.uk>; coovachilli at brightonchilli.org.uk
> Assunto: RE: [CoovaChilli] Chrome on Android (https)
> Hi Jose,
> That’s exactly what I did, and the result came back after the clearing the
> cache.
> Reading about it, it has nothing to do with DNS but what the site "throws"
> at the browser.
> I am sure you have the same problem... you just have not seen it personally
> yet!
> (https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security)
> HTTP Strict Transport Security (HSTS) is a web security policy mechanism
> which helps to protect websites against protocol downgrade attacks and
> cookie hijacking. It allows web servers to declare that web browsers (or
> other complying user agents) should only interact with it using secure HTTPS
> connections,[1] and never via the insecure HTTP protocol. HSTS is an IETF
> standards track protocol and is specified in RFC 6797.

More information about the CoovaChilli mailing list