最新的 Firefox Nightly 版本已经支持 DoH,激活之后可以访问一些被 DNS 污染的网站。如果同一域名下有网站没有被 DNS 污染,先访问正常网站,然后再访问被 DNS 污染的网站,可以建立正常连接。比如,先访问英文维基百科,然后就可以正常访问中文维基百科。
参见:
https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/
解释:
However, once you ’ ve made that connection to the web server, then everything is encrypted. And the neat thing is that this encrypted connection can be used for any site that is hosted on that server, not just the one that you initially asked for.
This is sometimes called HTTP/2 connection coalescing, or simply connection reuse. When you open a connection to a server that supports it, that server will tell you what other sites it hosts. Then you can visit those other sites using that existing encrypted connection.
Why does this help? You don ’ t need to start up a new connection to visit these other sites. This means you don ’ t need to send that unencrypted initial request with its server name indication saying which site you ’ re visiting. Which means you can visit any of the other sites on the same server without revealing what sites you ’ re looking at to your ISP and on-path routers.
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.