I had a closer look at this technique after reading the article.<p>The cool thing about this hack is that even in the TLS Server Name Indication (SNI) extension, the front domain name shows up, and only the (encrypted) HTTP Host header shows the true covert destination.<p>The paper "Blocking-resistant communication through domain fronting" (<a href="https://www.bamsoftware.com/papers/fronting/" rel="nofollow">https://www.bamsoftware.com/papers/fronting/</a>) is very interesting.<p>One thing that I'm left wondering is if the front domain owners will be at risk being blocked if domain fronting is being done with their domain.
If so they may ask the CDN companies to block this routing behaviour.