I was looking into google.com’s Net activity in firebug just because I was curious and noticed a request was returning «204 No Content.»
It turns out that a 204 No Content «is primarily intended to allow input for actions to take place without causing a change to the user agent’s active document view, although any new or updated metainformation SHOULD be applied to the document currently in the user agent’s active view.» Whatever.
I’ve looked into the JS source code and saw that «generate_204» is requested like this:
(new Image).src="http://clients1.google.com/generate_204"
No variable declaration/assignment at all.
My first idea is that it was being used to track if Javascript is enabled. But the «(new Image).src=’…'» call is called from a dynamically loaded external JS file anyway, so that would be pointless.
Anyone have any ideas as to what the point could be?
UPDATE
«/generate_204» appears to be available on many google services/servers (e.g., maps.google.com/generate_204, maps.gstatic.com/generate_204, etc…).
You can take advantage of this by pre-fetching the generate_204 pages for each google-owned service your web app may use. Like This:
window.onload = function(){
var two_o_fours = [
// google maps domain ...
"http://maps.google.com/generate_204",
// google maps images domains ...
"http://mt0.google.com/generate_204",
"http://mt1.google.com/generate_204",
"http://mt2.google.com/generate_204",
"http://mt3.google.com/generate_204",
// you can add your own 204 page for your subdomains too!
"http://sub.domain.com/generate_204"
];
for(var i = 0, l = two_o_fours.length; i < l; ++i){
(new Image).src = two_o_fours[i];
}
};
I use Chrome for browsing the web almost all the time
Starting from a few days ago I have had the page http://www.gstatic.com/generate_204 open up in a new browser tab sometimes for seemingly no reason. I don’t know what is triggering it. It’s always an empty page and it is titled «Untitled».
From Googling it looks like this has something to do with accessing http websites, but I don’t know what’s causing it to happen now, when it didn’t use to happen before. All I know is that the first time I saw this page, it was when I tried to access an HTTP page hosted on another computer connected to my router, and I wasn’t able to do so because of the router’s settings.
Note that I am only mentioning this in case this is relevant, and it was the first time I ever remember seeing the gstatic page on this computer. My question is not about the http page hosted in a different computer on my router.
What exactly is this gstatic page and why is it popping up by itself?
Can/should I disable this page from popping up, or is it indicating any kind of problem with chrome or the computer?
December 23, 2020
Android
,
android tv
,
captive portal
,
chrome
,
dns
,
generate 204
,
generate 204 error
,
generate_204
,
,
gstatic
,
Internet
,
internet service provider
,
isp
,
no internet connectivity
,
Smartphone
Everyone on the planet might some time came across generate_204 captive portal login page, What is it actually? have you ever doubted! Gstatic Generate_204 captive portal is an Network Portal Detection service bundled with Google related services and with hardware devices like Android smartphone, Android tablet, Android TV, Google TV, Google Chrome, Google Chrome background services, Chromebook, Chrome OS Shill and other Chromium services.
%20_%2016_9).jpg "What is generate 204 captive portal login, no Internet Techzost blog")
What is Generate_204 captive portal
Gstatic Generate_204 captive portal is an Network Portal Detection service bundled with Google related services which handles No Internet connectivity in Google products like Android smartphone, Google TV, Google Chrome, Google Drive background services and more.
What is Captive portal
Captive portal is an webpage which is displayed to users who are connected to Wifi network or wired network with No IP connectivity or No Internet connectivity, it’s like gatekeeper before you access to network resources from your Internet service provider’s (ISP) Gateway, Captive portals display a login page which you need to authenticate with your username and password provided by your broadband internet service provider or with public hotspots subscription.
How does Captive portal like Google Gstatic Generate_204 works
- Different ISP use various Implementation methods like HTTP redirect, ICMP redirect, Redirect by DNS and more. Mostly Redirect by DNS Captive portal Implementation method used by many ISPs.
- Assume a client from android smartphone request domain resource, https://blog.techzost.com from Google chrome browser, instantly DNS is lookup service begins. In No Internet connectivity stutation, Gateway of ISP will forward all DNS queries from unauthenticated users to ISPs default Captive portal webpage, if dns request are hit by background by Google Chrome related services, internal network portal detection service hit generate_204 error and redirects to internet service providers captive page.
-
The HTTP requests fail because the TCP connection to clients3.google.com can never be established. The portal code tries multiple times for up to 10 seconds to connect to clients3.google.com. If it cannot connect it marks the service as being in a captive portal. This determination is somewhat unreliable because very high latency connections, lossy connections and other network issues can also result in failure to connect to clients3.google.com.
- Google Gstatic Generate 204 Captive portal lookup service aka Google Offline Indicator.
- https://www.googleapis.com/generate_204,
- https://clients1.google.com/generate_204,
- https://clients2.google.com/generate_204,
- https://clients3.google.com/generate_204,
- https://clients4.google.com/generate_204,
- https://gstatic.com/generate_204,
- http://connectivitycheck.gstatic.com/generate_204
- On Android versions Lollipop and older, when Chrome detects a network change, it sends a cookieless request to http://connectivitycheck.gstatic.com/generate_204 or http://clients4.google.com/generate_204
- Only after successful authentication of captive portal will resume internet services back to normal.
Technical overview of Network Portal Detection in Chromium projects
This is generate_204 captive portal implementation in chromium projects like Chrome and might be with New Microsoft edge because it’s derived from open source chromium os.
- Shill Service State Machine workflow diagram
- Reverse Path Filtering — In Chrome OS Reverse path filtering is built in kernel which drops packets received over a network interface inconsistent with the outbound routing tables.
- To avoid dropped packets problem when trying to determine captive portal state when connected to multiple networks like WiFi, Wired Ethernet and/or a Mobile Broadband connection.
- Shill disables reverse path filtering globally and on a per device basis while it is running the portal detection code
- Shill Implementation with libcurl to determine the portal state, libcurl tries to query DNS entries without caching and strictly not to allow any reuse of lookups and for entire transaction within 10 second timeout connection termination.
- Web Proxies are fully supported by shill libcurl port forwarding request through web proxies, Ip address of proxy server must given to libcurl.
List of Companies, Services and Products which use captive portal detection
Google and Android Captive Portal Detection Generate 204
- connectivitycheck.gstatic.com/generate_204
- connectivitycheck.android.com/generate_204
- www.googleapis.com/generate_204
- clients1.google.com/generate_204
- clients2.google.com/generate_204
- clients3.google.com/generate_204
- clients4.google.com/generate_204
- gstatic.com/generate_204
- connectivitycheck.gstatic.com/generate_204
Apple iPhone, iPad with iOS 6 Captive Portal Detection
- gsp1.apple.com
- *.akamaitechnologies.com
- www.apple.com
- apple.com
Apple iPhone, iPad with iOS 7, 8, 9 and recent versions of OS X
- www.appleiphonecell.com
- *.apple.com
- www.itools.info
- www.ibook.info
- www.airport.us
- www.thinkdifferent.us
- *.apple.com.edgekey.net
- *.akamaiedge.net
- *.akamaitechnologies.com
Microsoft Windows
- ipv6.msftncsi.com
- ipv6.msftncsi.com.edgesuite.net
- www.msftncsi.com
- www.msftncsi.com.edgesuite.net
- teredo.ipv6.microsoft.com
- teredo.ipv6.microsoft.com.nsatc.net
Many individual products and services might also have dynamic Captive Portal Detection.
Source:
Google Chrome Privacy Whitepaper, Chrome 85.0.4183.121 — https://www.google.com/chrome/privacy/whitepaper.html
Network Portal Detection, The Chromium Projects — https://www.chromium.org/chromium-os/chromiumos-design-docs/network-portal-detection
13.1. Reverse Path Filtering, Linux Advanced Routing & Traffic Control, Chapter 13. Kernel network parameters — https://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.rpf.html
How Automatic Detection of Captive Portal works — https://success.tanaza.com/s/article/How-Automatic-Detection-of-Captive-Portal-works
How to enable/disable the Automatic Detection of Classic Hotspot Captive Portal and automatic opening of the Splash Page — https://success.tanaza.com/s/article/How-to-enable-disable-the-Automatic-Detection-of-Captive-Portal-and-automatic-opening-of-the-Splash-Page
What is Connectivitycheck Gstatic com generate_204
Troubleshooting Automatic Captive Portal Detection — https://kb.fortinet.com/kb/documentLink.do?externalID=FD42223
Can’t connect to home WiFi (generate_204) — https://www.reddit.com/r/chromeos/comments/2xo3wg/cant_connect_to_home_wifi_generate_204/
Приветствую. http://connectivitycheck.gstatic.com/generate_204 error — адрес (URL), который предположительно запрашивает Андроид (точнее HTTP-клиент Dalvik) для проверки соединения с интернетом.
Если веб-сервер отвечает кодом 200 или 204 (точно выяснить не удалось), Андроид предлагает подключиться к порталу. Слово error сообщает о неудачной проверке (ошибка).
Если вручную перейти, просто на http://connectivitycheck.gstatic.com, то мы увидим:
На странице написано — запрашиваемый URL не найден.
Проверка может происходить и по другому адресу — http://clients3.google.com/generate_204, при этом используется функция WifiWatchdogStateMachine.isWalledGardenConnection. Некоторые порталы могут подменить запрос на этот конкретный URL для предотвращения доступа в интернет.
Также для проверки может быть использован http://www.google.com/blank.html.
Найдена еще информация. Android делает запрос к http://connectivitycheck.gstatic.com/generate_204 при каждой смене сети (скорее всего имеется ввиду Wi-Fi). Если адрес недоступен или получает редирект — открывается окно авторизации хотспот (как понимаю для ввода логина и пароля от Wi-Fi). В iOS все примерно также, только используется свой адрес, например http://www.apple.com/library/test/success.html или http://captive.apple.com/hotspot-detect.html, могут быть и другие.
Больше нормальной информации, адекватной, к сожалени не удалось найти.
Удачи.
На главную!
04.01.2019
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub?
Sign in
to your account
Closed
ghost opened this issue
Jul 18, 2020
· 10 comments
Assignees
Comments
Environment: Windows
When I wish to access blocked websites, the browser automatically downloaded a file named generate_204 instead of accessing the websites.
ghost
added
the
bug
label
Jul 18, 2020
What browser are you using. Can you upload the downloaded file?
What browser are you using. Can you upload the downloaded file?
I was using Chrome.
It is a text file with the following hexadecimal content:
0000 1e04 0000 0000 0000 0100 0010 0000
0300 0000 6400 0400 1000 0000 0500 0040
0000 0600 0040 0000 0004 0800 0000 0000
000f 0001 0000 0807 0000 0000 0000 0000
0000 0000 01
By using MySQL authenticator.
Can you visit HTTP sites like example.com? Does similar issue appears when you visiting non-Google sites? Can you post your configuration file?
Hi @Chigusa0w0 I fixed it by changing the password format to «username:password».
The reason why I saw the ‘generate_204’ issue was, I used the wrong password. And it only happened when I was trying to open google.com, not sure if it’s a trojan bug, or it might be something that related to my Chrome extension.
@Just1n This is a known defect of third-party software. See #311 if you are interested in the detail.
ok
…
—————— 原始邮件 ——————
发件人: «Chigusa0w0″<notifications@github.com>;
发送时间: 2020年7月21日(星期二) 晚上9:18
收件人: «trojan-gfw/trojan»<trojan@noreply.github.com>;
抄送: «Subscribed»<subscribed@noreply.github.com>;
主题: Re: [trojan-gfw/trojan] [BUG] Automatically download generate_204 file instead of accessing the website (#484)
Closed #484.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.