by scoutt 2407 days ago
AFAIK, being HTTP, you won't be able to differentiate and/or route it. And it can be done outside the control of the OS or browser (with js embedded in a page, application, etc.) so even if you configure your browser/system, it still will pass through filters unless whole domains are filtered?

Since pihole and dnsmasq are already requiring disabling DoH, I see DoH as the death of these kinds of adblock systems.

1 comment

You will know beforehand what the fixed DoH servers will be; how else would you be able to locate them?

If, for example, they use the 1.1.1.1 DoH instance, you can simply redirect all localnet 1.1.1.1 (80/53) traffic to your own local (DoH)DNS(masq).

Besides that, there must be a fallback option for network admins, since using DNS filtering and localnet DNS is very common in enterprise. Firefox implemented a canary domain, specifically designed for this purpose, see: https://support.mozilla.org/en-US/kb/canary-domain-use-appli...
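
Added example, not part of the thread: the canary check from the last comment, seen from the network admin's side. Firefox looks up `use-application-dns.net` (the domain name is supplied here, the thread does not give it) and treats NXDOMAIN, or NOERROR with no A/AAAA records, as the signal to leave default DoH off; the Python below classifies a raw DNS response from a local resolver on that basis, with constructed responses standing in for real traffic.

```python
import struct

# Firefox's canary domain. The name is not given in the thread; it is added here.
CANARY = "use-application-dns.net"
A, AAAA, NOERROR, NXDOMAIN = 1, 28, 0, 3

def build_response(rcode, answers=()):
    """Constructed test data: a minimal DNS response for an A query on CANARY."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in CANARY.split(".")) + b"\x00"
    # Header: id, flags (QR=1, RD=1, RA=1, plus rcode), QD, AN, NS, AR counts.
    msg = struct.pack("!HHHHHH", 0x1234, 0x8180 | rcode, 1, len(answers), 0, 0)
    msg += qname + struct.pack("!HH", A, 1)
    for rtype, rdata in answers:
        # 0xC00C is a compression pointer back to the question name at offset 12.
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 60, len(rdata)) + rdata
    return msg

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # pointer: two bytes, and the name ends here
            return off + 2
        off += 1 + length

def classify_canary_response(msg):
    """'disable-doh' for NXDOMAIN or NOERROR without A/AAAA records,
    'no-signal' when an address record comes back, 'other-rcode' otherwise."""
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    if rcode == NXDOMAIN:
        return "disable-doh"
    if rcode != NOERROR:
        return "other-rcode"  # e.g. SERVFAIL; reported separately, not interpreted
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype in (A, AAAA):
            return "no-signal"
        off += 10 + rdlen
    return "disable-doh"
```

Feed it the bytes your filtering resolver returns for the canary name to confirm the resolver is actually sending the signal.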