Thanks for this comment, because it explained something I've had passing curiosity about but never bothered to fully investigate or understand. I've been using NeverSSL for ages, but only in one specific scenario, which is in-flight WiFi. I travel a lot so it manages to stay in my top sites, but every other public WiFi network works fine without that workaround.

Considering how brittle this solution is, I wonder what airlines are going to do next?