Some captive portals use the concept of whitelisting for allowing access to given host or domain before user authentication. Access to hosts or domains in the whitelist is allowed even for unauthenticated/unauthorized users
In many deployments, the whitelist is populated statically and is a whitelist that is applicable to all users. A common use case for this conventional whitelisting is to provide support for social media sites. Many solutions now allow users to login using their social media credentials and in order facilitate access the social media login module, these domains have to be added to the whitelist by an administrator, for example. The goal of this whitelisting is to allow access to the login module of the social media sites on the whitelist and not to allow general access to the social media sites per se.
However, when such a whitelist is populated using the social media domains, it may be possible for a savvy user to gain unauthorized access to these sites even before authentication.
Embodiments were conceived in light of the above mentioned needs, problems and/or limitations, among other things.