How to check for unrestricted Internet access? (captive portal detection)

Question

I need to reliably detect if a device has full internet access, i.e. that the user is not confined to a captive portal (also called walled garden), i.e. a

Answer 1

Another possible solution might be to connect via HTTPS and inspect the target certificate. Not sure if walled gardens actually serve the login page via HTTPS or just drop the connections. In either case, you should be able to see that your destination is not the one you expected.

Of course, you also have the overhead of TLS and certificate checks. Such is the price of authenticated connections, unfortunately.