I think they didn't explain the purpose very well.<p>I'm not sure who I'm informing here because I would expect anyone here to be fully familiar with how old captive portals worked. But whatever...<p>It's not that a "wifi network is misbehaving".<p>It's that some public wifi access points captive portal logon process relies on something that doesn't happen any more. The captive portal logon process relies on your browser making any plain http request to any address at all, which the access point then intercepts and responds with it's own logon page instead of actually routing that tcp session to the requested site, exactly the definition of a man-in-the-middle, except it's not an attack.<p>But today your browser never makes any plain http request anywhere, even if you manually type one in or have a specifcally edited bookmark, and the access point can't provide a fake response to any https request. The whole point of https is to make man-in-the-middle impossible, and it blocks both man-in-the-middle-attack and man-in-the-middle-anything-else-like-captive-portal-logon-pages.<p>And if you can't get get to the access point's captive portal page, then you can't use the internet.<p>And so to get to the logon page of any such access point, you just need any plain http address that you can remember or bookmark, whose site config not only allows http, but pointedly does not support https even if you tried, and advertizes this fact via reponse headers, so that your browser can't ever automatically decide that it's ok to replace your http request with an equivalent https request, and so the plain http request actually goes out on the "wire" where the access point can respond to it with it's own content instead of the requested site's.<p>Apologies for for telling grandpa how to suck eggs.