https://bugs.kde.org/show_bug.cgi?id=492145
Bug ID: 492145
Summary: networkcheck.kde.org has HSTS enabled, which breaks
captive portals if you ever visit it with HTTPS
Classification: Websites
Product: www.kde.org
Version: unspecified
Platform: Other
OS: All
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: kde-...@kde.org
Reporter: forestbea...@brightfur.net
Target Milestone: ---
SUMMARY
networkcheck.kde.org has HSTS enabled, so if you ever visit it with HTTPS, your
browser will only try to load it with HTTPS, which breaks captive portals.
STEPS TO REPRODUCE
1. Visit https://networkcheck.kde.org.
2. Join a captive portaled wifi network (coffeeshop, etc.).
OBSERVED RESULT
https://networkcheck.kde.org has a certificate error.
EXPECTED RESULT
http://networkcheck.kde.org gets redirected by the captive portal to its own
login page.
SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Fedora Linux 40
KDE Plasma Version: 6.1.4
KDE Frameworks Version: 6.5.0
Qt Version: 6.7.2
ADDITIONAL INFORMATION
This should be an easy fix – just turn off HSTS on networkcheck.kde.org. (This
won't help people who've already visited it with HTTPS, but eventually the HSTS
will expire and they'll be fine.)
You can tell HSTS is enabled by running `curl -v http://networkcheck.kde.org`
and looking for the Strict-Transport-Security header.
--
You are receiving this mail because:
You are watching all bug changes.
