HTTPS Everywhere FAQ says that Yahoo! allows HTTP hijacking
The HTTPS Everywhere FAQ page says that http://yahoo.com/ can be used as a site to authenticate to captive portals, but since the Summer of Snowden Yahoo! has added TLS support, thus preventing HTTP hijacking.
This should probably be changed to something that actually works.
Trac:
Username: strugee