Originally Posted by
Acymetric
Technically you need to use some private DNS to obscure your URLs (which can contain personal information) as well, I think.
DNS exposes domain names. The full URL portion is in the HTTP request, and will be encrypted by HTTPS (HTTP over TLS).
Basically, if I go to hxxps://www.example.com/questions/3456/my-document?key1=value1&key2=value2
Anyone in your network path (MitM attacker, your ISP, your VPN provider) will see DNS request/responses and know you went to www[.]example[.]com
If you use a DoH provider, they instead will know you went to www[.]example[.]com
But only the example.com web server is going to see the "/questions/3456/my-document?key1=value1&key2=value2" information.
Last edited by snowdenscold; 04-21-2022 at 01:54 PM.
A text without a context is a pretext.