ios ios7 和强制门户-更改为苹果请求 URL
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18891706/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
ios7 and captive portals-changes to apple request URL
提问by Goat Karma
It looks like in ios7 the URL that the device sends a request to to check whether it has an internet connection after connecting to wifi has changed (for the much worse!).
看起来在 ios7 中,设备发送请求以检查它在连接到 wifi 后是否具有互联网连接的 URL 已更改(更糟糕的是!)。
in ios6 and earlier,the request was :
在 ios6 及更早版本中,请求是:
GET /library/test/success.html HTTP/1.0
Host: www.apple.com
User-Agent: CaptiveNetworkSupport/1.0 wispr
Connection: close
(source)
(来源)
But now in ios7, it can access 'upto 200' (according to cisco).
但是现在在 ios7 中,它可以访问“最多 200”(根据cisco)。
Having tested this myself, I can confirm the requests randomly go to appleiphonecell.com, captive.apple.com, airport.us, ibook.info among others.
我自己对此进行了测试,我可以确认请求会随机访问 appleiphonecell.com、captive.apple.com、airport.us、ibook.info 等。
So my question is: Does anyone have a full list of these URLs (maybe it's just every domain Apple own)? We run a captive portal on our wifi, but just to let users know they need to connect to the VPN after connecting to wifi. Clicking 'cancel' on the captive portal log in page sometimes presents the option 'use without internet' which will then allow the user to connect to the VPN, but sometimes, clicking 'cancel' doesn't give this option, and just disconnects the wifi connection straight away, which then means the user can't connect to the VPN.
所以我的问题是:有没有人有这些 URL 的完整列表(也许它只是 Apple 拥有的每个域)?我们在 wifi 上运行一个强制门户,但只是为了让用户知道在连接到 wifi 后他们需要连接到 VPN。单击强制门户登录页面上的“取消”有时会显示“不使用 Internet 使用”选项,这将允许用户连接到 VPN,但有时单击“取消”不会提供此选项,只是断开连接wifi 连接立即,这意味着用户无法连接到 VPN。
Before we could just forge a response to the specific URL (library/test/success.html) which would then leave the wifi connected. We can do this again if we had a list of the sites it can access, otherwise we might have to go back to the drawing board with our captive portal! (Or await an ios7 update that fixes the option to 'use without internet' , which isn't appearing every time). Think we'll look into doing based on user agent for now if thats possible.
在我们可以伪造对特定 URL (library/test/success.html) 的响应之前,这将使 wifi 保持连接状态。如果我们有它可以访问的站点列表,我们可以再次执行此操作,否则我们可能不得不使用强制门户返回绘图板!(或者等待 ios7 更新,该更新修复了 'use without internet' 选项,该选项并非每次都出现)。如果可能的话,我们现在会考虑基于用户代理进行操作。
Edit-wee update, looks like UA is staying consistent at least with 'CaptiveNetworkSupport' being the common denominator, so we'll change to UA checking for the time being.
Edit-wee 更新,看起来 UA 至少保持一致,“CaptiveNetworkSupport”是公分母,因此我们暂时将更改为 UA 检查。
回答by Uriah Carpenter
Interesting enough, www.appleiphonecell.comand captive.apple.comboth currently resolve to Akamai addresses.
有意思的是,www.appleiphonecell.com与captive.apple.com当前已决心Akamai的地址。
~/ > host captive.apple.com
captive.apple.com is an alias for captive.apple.com.edgekey.net.
captive.apple.com.edgekey.net is an alias for e7279.e9.akamaiedge.net.
e7279.e9.akamaiedge.net has address 23.212.87.91
But airport.usand friends resolve directly to to Apple's Class A network.
但是airport.us和朋友直接解析到苹果的A类网络。
~/ > host airport.us
airport.us has address 17.149.160.87
airport.us has address 17.172.224.81
From these IP addresses you can find many more hostnames that have the same PTR record. Adding the path /library/test/success.htmlmost often results in a direct response or a redirect to the same page on the www.apple.comhostname.
从这些 IP 地址中,您可以找到更多具有相同 PTR 记录的主机名。添加路径/library/test/success.html通常会导致直接响应或重定向到www.apple.com主机名上的同一页面。
~/ > host 17.149.160.87
87.160.149.17.in-addr.arpa domain name pointer airport.us.
87.160.149.17.in-addr.arpa domain name pointer ibook.info.
87.160.149.17.in-addr.arpa domain name pointer macbookair.net.
87.160.149.17.in-addr.arpa domain name pointer macintosh.me.
87.160.149.17.in-addr.arpa domain name pointer applecare.info.
87.160.149.17.in-addr.arpa domain name pointer macintosh.info.
87.160.149.17.in-addr.arpa domain name pointer itunes.info.
87.160.149.17.in-addr.arpa domain name pointer itunes.us.
87.160.149.17.in-addr.arpa domain name pointer iphoto.us.
87.160.149.17.in-addr.arpa domain name pointer applecare.us.
87.160.149.17.in-addr.arpa domain name pointer macbook.us.
87.160.149.17.in-addr.arpa domain name pointer itunesmobile.com.
87.160.149.17.in-addr.arpa domain name pointer ipod.us.
87.160.149.17.in-addr.arpa domain name pointer itunestelevision.com.
87.160.149.17.in-addr.arpa domain name pointer macosxversions.com.
87.160.149.17.in-addr.arpa domain name pointer itunes.me.
87.160.149.17.in-addr.arpa domain name pointer itunesaircheck.com.
87.160.149.17.in-addr.arpa domain name pointer mac.us.
87.160.149.17.in-addr.arpa domain name pointer macbookair.us.
87.160.149.17.in-addr.arpa domain name pointer ipod.me.
87.160.149.17.in-addr.arpa domain name pointer applestore.info.
87.160.149.17.in-addr.arpa domain name pointer iphone.me.
87.160.149.17.in-addr.arpa domain name pointer osxlionlaunchpad.com.
87.160.149.17.in-addr.arpa domain name pointer macgestures.com.
87.160.149.17.in-addr.arpa domain name pointer macbookair.org.
87.160.149.17.in-addr.arpa domain name pointer mac.info.
87.160.149.17.in-addr.arpa domain name pointer macos.us.
87.160.149.17.in-addr.arpa domain name pointer myipod.net.
87.160.149.17.in-addr.arpa domain name pointer itunesu.net.
87.160.149.17.in-addr.arpa domain name pointer appleiphonecell.com.
87.160.149.17.in-addr.arpa domain name pointer firewire.us.
87.160.149.17.in-addr.arpa domain name pointer airport.info.
87.160.149.17.in-addr.arpa domain name pointer itunesparty.com.
87.160.149.17.in-addr.arpa domain name pointer applecomputer.info.
87.160.149.17.in-addr.arpa domain name pointer appletv.info.
87.160.149.17.in-addr.arpa domain name pointer applecomputers.us.
87.160.149.17.in-addr.arpa domain name pointer idvd.us.
87.160.149.17.in-addr.arpa domain name pointer osx.info.
87.160.149.17.in-addr.arpa domain name pointer macbookair.info.
87.160.149.17.in-addr.arpa domain name pointer itunesu.org.
87.160.149.17.in-addr.arpa domain name pointer itunesuniversity.com.
87.160.149.17.in-addr.arpa domain name pointer imovie.us.
87.160.149.17.in-addr.arpa domain name pointer theapplestore.org.
87.160.149.17.in-addr.arpa domain name pointer macbookpro.org.
87.160.149.17.in-addr.arpa domain name pointer apple.me.
87.160.149.17.in-addr.arpa domain name pointer itools.info.
87.160.149.17.in-addr.arpa domain name pointer thinkdifferent.us.
87.160.149.17.in-addr.arpa domain name pointer thinkdifferent.info.
87.160.149.17.in-addr.arpa domain name pointer macintosh.us.
87.160.149.17.in-addr.arpa domain name pointer ipod.info.
87.160.149.17.in-addr.arpa domain name pointer applescript.us.
87.160.149.17.in-addr.arpa domain name pointer quicktime.info.
87.160.149.17.in-addr.arpa domain name pointer macosxlionairdrop.com.
87.160.149.17.in-addr.arpa domain name pointer itunesshow.com.
87.160.149.17.in-addr.arpa domain name pointer airtunes.net.
87.160.149.17.in-addr.arpa domain name pointer ipod.net.
87.160.149.17.in-addr.arpa domain name pointer macos.info.
87.160.149.17.in-addr.arpa domain name pointer imac.info.
87.160.149.17.in-addr.arpa domain name pointer imac.us.
87.160.149.17.in-addr.arpa domain name pointer appleiosv.com.
87.160.149.17.in-addr.arpa domain name pointer ipodnano.me.
回答by theeagermichael
In our tests it looked like the CNA also triggers requests with not only "CaptiveNetworkSupport" but a common WebKit User-Agent identifier. Have you actually succeeded in checking only the User-Agent header for CaptiveNetworkSupport?
在我们的测试中,看起来 CNA 不仅触发了“CaptiveNetworkSupport”请求,还触发了一个通用的 WebKit User-Agent 标识符。您实际上是否仅成功检查了CaptiveNetworkSupport的 User-Agent 标头?
This is really a mess.
这真是一团糟。
回答by dev0z
Check for Userv Agent 'CaptiveNetworkSupport'. I tested this on my nginx webserver and works perfectly across all iOS devices.
检查 Userv 代理“CaptiveNetworkSupport”。我在我的 nginx 网络服务器上对此进行了测试,并且可以在所有 iOS 设备上完美运行。
if ($http_user_agent ~* (CaptiveNetworkSupport)) {
return 200;
}
回答by Kope
Add those in
/etc/lighttpd/lighttpd.conf
在
/etc/lighttpd/lighttpd.conf 中添加这些
$HTTP["host"] =~ "^(appleiphonecell.com|captive.apple.com|www.itools.info|www.ibook.info|www.aiport.us|www.thinkdifferent.us|www.apple.com)" {
server.document-root = "/www/library/test/"
index-file.names = ( "success.html" )
dir-listing.activate = "disable"
server.error-handler-404 = "/success.html"
#accesslog.filename = "/var/log/lighttpd/apple-access.log"
#server.errorlog = "/var/log/lighttpd/apple-error.log"
url.rewrite = (
"^/(.*/)" => "/success.html",
)
}
Tested on iOS6 & iOS7
在 iOS6 和 iOS7 上测试
回答by user2800645
A workaround has been posted in the form of a configuration for the Lighttpd server:
已经以 Lighttpd 服务器的配置形式发布了一种解决方法:
http://forum.daviddarts.com/read.php?9,8879
http://forum.daviddarts.com/read.php?9,8879
That workaround is based on UA checking for CaptiveNetworkSupport - although iOS will also try to load the same long randomized URLs from the Apple website using the WebKit UA.
该解决方法基于 UA 检查 CaptiveNetworkSupport - 尽管 iOS 也会尝试使用 WebKit UA 从 Apple 网站加载相同的长随机 URL。
