It's worth noting however that both recent Windows and Mac OSes at least detect captive portals automatically and show the login page themselves, making elaborate and insecure hacks like that unnecessary.
That is true, but everyone aren't running even recent-ish OSs. Also having relied on BT Wifi for about 2 weeks recently, I can definitely confirm that OSX's detection doesn't always work. About 80% of time, it's fine, the other 20% it's google for "asdf" and get redirected.
Also, BT Wifi tends to log you out every 20 minutes to 6 hours seemingly by random, forcing you login with your credentials again, and this need to re-login is something that OSX never detected.
Isn't that a security hazard? The mechanism of these captive portals is literally a MITM attack, and I don't see how to distinguish a benevolent from a malevolent use of it.
Also, BT Wifi tends to log you out every 20 minutes to 6 hours seemingly by random, forcing you login with your credentials again, and this need to re-login is something that OSX never detected.