Captive portal detection

Hi Team,

I have been working on an application that includes a Network Extension. I wanted to disable it if a captive portal is detected over the network. I have tried different approaches to detect it, including the standard approach outlined in the following document: https://datatracker.ietf.org/doc/html/draft-ietf-capport-api, using the URL https://captive.apple.com/hotspot-detect.html. However, none of these methods seem to be working. Additionally, the kSCNetworkReachabilityFlagsConnectionRequired flag is not being flagged when under a captive network. Could you please assist with this issue?

Thank you.

You tagged your thread with System Extensions, so I’m going to presume you’re targeting the Mac here. That doesn’t really change the answer, but I just wanted to be clear up front about that assumption.

Could you please assist with this issue?

Not really. macOS does not have an API that returns whether it thinks a network is captive.

Also, I’m sure if such an API would help you much. There are three possibilities here:

  • The network is not captive at all (A).

  • The network is captive and macOS has detected it as such (B).

  • The network is captive and macOS has not detected that (C).

An API would only help you in case B, but in that case macOS won’t make the network the default route until it thinks it’s successfully negotiated the captive portal, so your NE provider won’t be using the network anyway.

My guess is that you’re primarily concerned with case C, where your NE provider is using a network even though it’s captive. However, an API from Apple won’t help in that case, because macOS hasn’t detected it as captive.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Captive portal detection
 
 
Q