Firefox - Detect Captive Portal

When you start the Firefox web browser, it will attempt to determine if the network connection available to it when it starts is via a captive portal. If you use a hotel's Wi-Fi service, a free WiFi service provided by a restaurant or other business, or some other public WiFi service, when you first open your browser you may see a web page asking you to accede to terms of service, an acceptable use policy, or to provide some authentication information, e.g., perhaps your name and room number for a hotel, or to provide payment information if you are accessing a wireless service that is not free. You won't be able to go elsewhere on the web, at least not easily, until you deal with the demands/conditions specified on the captive portal page.

Firefox makes a determination on whether there is a captive portal constraint by attempting to download the file success.txt from http://detectportal.firefox.com/success.txt (there is only one word in that file, the word "success". If it can successfully retrieve that file, it can assume that it is not constrained by a captive portal. You can see such attempts using the free and open-source (FOSS) Wireshark packet analyzer utility by specifying a filter of "http.request.method == "GET".

Udemy - April2516-25off-sitewide120x600

Firefox - get success.txt

If you don't want that check to occur, you can turn it off by typing about:config in the address field where you would normally type a URL in Firefox. You will see a warning page stating "This might void your warranty! Changing these advanced settings can be harmful to the stability, security, and performance of this application. You should only continue if you know what you are doing." Click on the "I accept the risk" button. Then, in the Search field, type captive. You should see a list of entries, one of which is network.captive-portal-service.enabled. The default value is "true".

Firefox network captive
portal = true

If you double-click on that entry, you will toggle its value, so it if is "true", double-clicking on it will change it to "false". When it is set to "false", Firefox will no longer perform the captive portal check.

Some IP addresses associated with the fully qualified domain name (FQDN) detectportal.firefox.com are 72.247.8.185 and 23.3.97.88. As you can see from the nslookup query below, Akamai Technologies, which provides cloud computing and content delivery network (CDN) services to other companies and organizations is hosting the portal detection service for Firefox.

Wireshark - The Advanced Network Analysis Tool
Wireshark - The Advanced
Network Analysis Tool
1x1 px

$ nslookup
$ nslookup
> 72.247.8.185
Server:		128.183.10.134
Address:	128.183.10.134#53

Non-authoritative answer:
185.8.247.72.in-addr.arpa	name = a72-247-8-185.deploy.akamaitechnologies.com.

Authoritative answers can be found from:
> 23.3.97.88
Server:		128.183.10.134
Address:	128.183.10.134#53

Non-authoritative answer:
88.97.3.23.in-addr.arpa	name = a23-3-97-88.deploy.static.akamaitechnologies.com.

Authoritative answers can be found from:
> exit

$

Related articles:

  1. Capturing and filtering data with Wireshark
  2. Installing Wireshark under CentOS
  3. Installing Wireshark on Mac OS X El Capitan
  4. Filtering by HTTP Method in Wireshark

References:

  1. QA/Captive Portals
    Last modified: May 16, 2017
    Mozilla Wiki