这是一个创建于 2315 天前的主题,其中的信息可能已经有所发展或是发生改变。
最新的 Firefox Nightly 版本已经支持 DoH,激活之后可以访问一些被 DNS 污染的网站。如果同一域名下有网站没有被 DNS 污染,先访问正常网站,然后再访问被 DNS 污染的网站,可以建立正常连接。比如,先访问英文维基百科,然后就可以正常访问中文维基百科。
参见:
https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/
解释:
However, once you ’ ve made that connection to the web server, then everything is encrypted. And the neat thing is that this encrypted connection can be used for any site that is hosted on that server, not just the one that you initially asked for.
This is sometimes called HTTP/2 connection coalescing, or simply connection reuse. When you open a connection to a server that supports it, that server will tell you what other sites it hosts. Then you can visit those other sites using that existing encrypted connection.
Why does this help? You don ’ t need to start up a new connection to visit these other sites. This means you don ’ t need to send that unencrypted initial request with its server name indication saying which site you ’ re visiting. Which means you can visit any of the other sites on the same server without revealing what sites you ’ re looking at to your ISP and on-path routers.
1 条回复 • 2018-06-05 23:38:01 +08:00
 |
1
zro 2018-06-05 23:38:01 +08:00
正式版 60.0 也支持 DoH 了的,就是支持 DoH 的服务器少
 |
Select Language