DNS: migrate software suggestions from DNS page to DNS section to make it appear in /classic (#2028)

2024-11-13 22:53:36 +01:00 · 2020-09-12 08:28:01 +03:00 · 2020-09-12 08:28:01 +03:00 · 1cf6b13a86
commit 1cf6b13a86
parent 3d0fe9e4bf
2 changed files with 120 additions and 119 deletions
--- a/_includes/sections/dns.html
+++ b/_includes/sections/dns.html
@ -532,3 +532,123 @@ We also log how many times this or that tracker has been blocked. We need this i
    </tbody>
  </table>
 </div>
 <h1 id="dns-desktop-clients" class="anchor">
  <a href="#dns-desktop-clients">
    <i class="fas fa-link anchor-icon"></i>
  </a> Encrypted DNS Client Recommendations for Desktop
 </h1>
 {%
 	include cardv2.html
 	title="Unbound"
 	image="/assets/img/svg/3rd-party/unbound.svg"
 	description='A validating, recursive, caching DNS resolver, supporting DNS-over-TLS, and has been <a href="https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/">independently audited</a>.'
 	website="https://nlnetlabs.nl/projects/unbound/about/"
 	forum="https://forum.privacytools.io/t/discussion-unbound/3563"
 	github="https://github.com/NLnetLabs/unbound"
 %}
 {%
 	include cardv2.html
 	title="dnscrypt-proxy"
 	image="/assets/img/svg/3rd-party/dnscrypt-proxy.svg"
 	description='A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and <a href="https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt">Anonymized DNSCrypt</a>, a <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">relay-based protocol that the hides client IP address.</a>'
 	website="https://github.com/DNSCrypt/dnscrypt-proxy/wiki"
 	forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
 	github="https://github.com/DNSCrypt/dnscrypt-proxy"
 %}
 {%
 	include cardv2.html
 	title="Stubby"
 	image="/assets/img/png/3rd-party/stubby.png"
 	description='An application that acts as a local DNS-over-TLS stub resolver. Stubby can be used in <a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Clients#DNSPrivacyClients-Unbound/Stubbycombination">combination with Unbound</a> by managing the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections) with Unbound providing a local cache.'
 	website="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby"
 	forum="https://forum.privacytools.io/t/discussion-stubby/3582"
 	github="https://github.com/getdnsapi/stubby"
 %}
 {%
 	include cardv2.html
 	title="Firefox's built-in DNS-over-HTTPS resolver"
 	image="/assets/img/svg/3rd-party/firefox_browser.svg"
 	description='Firefox comes with built-in DNS-over-HTTPS support for <a href="https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/">NextDNS and Cloudflare</a> but users can manually any other DoH resolver.'
 	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.cloudflare.com/1.1.1.1/privacy/firefox::text==Warning::tooltip==Cloudflare logs a limited amount of data about the DNS requests that are sent to their custom resolver for Firefox."
 	website="https://support.mozilla.org/en-US/kb/firefox-dns-over-https"
 	privacy-policy="https://wiki.mozilla.org/Security/DOH-resolver-policy"
 	forum="https://forum.privacytools.io/t/discussion-firefox-s-built-in-dns-over-https-resolver/3564"
 %}
 <h1 id="dns-android-clients" class="anchor">
 	<a href="#dns-android-clients">
 		<i class="fas fa-link anchor-icon"></i>
 	</a> Encrypted DNS Client Recommendations for Android
 </h1>
 {%
 	include cardv2.html
 	title="Android 9's built-in DNS-over-TLS resolver"
 	image="/assets/img/svg/3rd-party/android.svg"
 	description="Android 9 (Pie) comes with built-in DNS-over-TLS support without the need for a 3rd-party application."
 	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.google.com/speed/public-dns/docs/using#android_9_pie_or_later::text==Warning::tooltip==Android 9's DoT settings have no effect when used concurrently with VPN-based apps which override the DNS."
 	website="https://support.google.com/android/answer/9089903#private_dns"
 	forum="https://forum.privacytools.io/t/discussion-android-9s-built-in-dns-over-tls-resolver/3562"
 %}
 {%
 	include cardv2.html
 	title="Nebulo"
 	image="/assets/img/png/3rd-party/nebulo.png"
 	description='An open-source Android client supporting DNS-over-HTTPS and DNS-over-TLS, caching DNS responses, and locally logging DNS queries.'
 	website="https://git.frostnerd.com/PublicAndroidApps/smokescreen/-/blob/master/README.md"
 	privacy-policy="https://smokescreen.app/privacypolicy"
 	forum="https://forum.privacytools.io/t/discussion-nebulo/3565"
 	fdroid="https://git.frostnerd.com/PublicAndroidApps/smokescreen#f-droid"
 	googleplay="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen"
 	source="https://git.frostnerd.com/PublicAndroidApps/smokescreen"
 %}
 <h1 id="dns-ios-clients" class="anchor">
 	<a href="#dns-ios-clients">
 		<i class="fas fa-link anchor-icon"></i>
 	</a> Encrypted DNS Client Recommendations for iOS
 </h1>
 {%
 	include cardv2.html
 	title="DNSCloak"
 	image="/assets/img/png/3rd-party/dnscloak.png"
 	description='An open-source iOS client supporting DNS-over-HTTPS, DNSCrypt, and <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki">dnscrypt-proxy</a> options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can <a href="https://blog.privacytools.io/adding-custom-dns-over-https-resolvers-to-dnscloak/">add custom resolvers by DNS stamp</a>.'
 	website="https://github.com/s-s/dnscloak/blob/master/README.md"
 	privacy-policy="https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view"
 	forum="https://forum.privacytools.io/t/discussion-dnscloak/3566"
 	ios="https://apps.apple.com/app/id1452162351"
 	github="https://github.com/s-s/dnscloak"
 %}
 <h2 id="dns-definitions" class="anchor">
 	<a href="#dns-definitions">
 		<i class="fas fa-link anchor-icon"></i>
 	</a> Definitions
 </h2>
 <h4>DNS-over-TLS (DoT)</h4>
 <p>
  A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
 </p>
 <h4>DNS-over-HTTPS (DoH)</h4>
 <p>
  Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
 </p>
 <h4>DNSCrypt</h4>
 <p>
  With an <a href="https://dnscrypt.info/protocol/">open specification</a>, DNSCrypt is an older, yet robust method for encrypting DNS.
 </p>
 <h4>Anonymized DNSCrypt</h4>
 <p>
  A <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">lightweight protocol</a> that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by <a href="#dns-desktop-clients">dnscrypt-proxy</a> and a limited number of <a href="https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/relays.md">relays</a>.
 </p>
--- a/pages/providers/dns.html
+++ b/pages/providers/dns.html
@ -8,122 +8,3 @@ breadcrumb: "DNS"
 {% include sections/dns.html %}
 <h1 id="dns-desktop-clients" class="anchor">
  <a href="#dns-desktop-clients">
    <i class="fas fa-link anchor-icon"></i>
  </a> Encrypted DNS Client Recommendations for Desktop
 </h1>
 {%
 	include cardv2.html
 	title="Unbound"
 	image="/assets/img/svg/3rd-party/unbound.svg"
 	description='A validating, recursive, caching DNS resolver, supporting DNS-over-TLS, and has been <a href="https://ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/">independently audited</a>.'
 	website="https://nlnetlabs.nl/projects/unbound/about/"
 	forum="https://forum.privacytools.io/t/discussion-unbound/3563"
 	github="https://github.com/NLnetLabs/unbound"
 %}
 {%
 	include cardv2.html
 	title="dnscrypt-proxy"
 	image="/assets/img/svg/3rd-party/dnscrypt-proxy.svg"
 	description='A DNS proxy with support for DNSCrypt, DNS-over-HTTPS, and <a href="https://github.com/DNSCrypt/dnscrypt-protocol/blob/master/ANONYMIZED-DNSCRYPT.txt">Anonymized DNSCrypt</a>, a <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">relay-based protocol that the hides client IP address.</a>'
 	website="https://github.com/DNSCrypt/dnscrypt-proxy/wiki"
 	forum="https://forum.privacytools.io/t/discussion-dnscrypt-proxy/1498"
 	github="https://github.com/DNSCrypt/dnscrypt-proxy"
 %}
 {%
 	include cardv2.html
 	title="Stubby"
 	image="/assets/img/png/3rd-party/stubby.png"
 	description='An application that acts as a local DNS-over-TLS stub resolver. Stubby can be used in <a href="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Clients#DNSPrivacyClients-Unbound/Stubbycombination">combination with Unbound</a> by managing the upstream TLS connections (since Unbound cannot yet re-use TCP/TLS connections) with Unbound providing a local cache.'
 	website="https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+Stubby"
 	forum="https://forum.privacytools.io/t/discussion-stubby/3582"
 	github="https://github.com/getdnsapi/stubby"
 %}
 {%
 	include cardv2.html
 	title="Firefox's built-in DNS-over-HTTPS resolver"
 	image="/assets/img/svg/3rd-party/firefox_browser.svg"
 	description='Firefox comes with built-in DNS-over-HTTPS support for <a href="https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/">NextDNS and Cloudflare</a> but users can manually any other DoH resolver.'
 	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.cloudflare.com/1.1.1.1/privacy/firefox::text==Warning::tooltip==Cloudflare logs a limited amount of data about the DNS requests that are sent to their custom resolver for Firefox."
 	website="https://support.mozilla.org/en-US/kb/firefox-dns-over-https"
 	privacy-policy="https://wiki.mozilla.org/Security/DOH-resolver-policy"
 	forum="https://forum.privacytools.io/t/discussion-firefox-s-built-in-dns-over-https-resolver/3564"
 %}
 <h1 id="dns-android-clients" class="anchor">
 	<a href="#dns-android-clients">
 		<i class="fas fa-link anchor-icon"></i>
 	</a> Encrypted DNS Client Recommendations for Android
 </h1>
 {%
 	include cardv2.html
 	title="Android 9's built-in DNS-over-TLS resolver"
 	image="/assets/img/svg/3rd-party/android.svg"
 	description="Android 9 (Pie) comes with built-in DNS-over-TLS support without the need for a 3rd-party application."
 	labels="color==warning::icon==fas fa-exclamation-triangle::link==https://developers.google.com/speed/public-dns/docs/using#android_9_pie_or_later::text==Warning::tooltip==Android 9's DoT settings have no effect when used concurrently with VPN-based apps which override the DNS."
 	website="https://support.google.com/android/answer/9089903#private_dns"
 	forum="https://forum.privacytools.io/t/discussion-android-9s-built-in-dns-over-tls-resolver/3562"
 %}
 {%
 	include cardv2.html
 	title="Nebulo"
 	image="/assets/img/png/3rd-party/nebulo.png"
 	description='An open-source Android client supporting DNS-over-HTTPS and DNS-over-TLS, caching DNS responses, and locally logging DNS queries.'
 	website="https://git.frostnerd.com/PublicAndroidApps/smokescreen/-/blob/master/README.md"
 	privacy-policy="https://smokescreen.app/privacypolicy"
 	forum="https://forum.privacytools.io/t/discussion-nebulo/3565"
 	fdroid="https://git.frostnerd.com/PublicAndroidApps/smokescreen#f-droid"
 	googleplay="https://play.google.com/store/apps/details?id=com.frostnerd.smokescreen"
 	source="https://git.frostnerd.com/PublicAndroidApps/smokescreen"
 %}
 <h1 id="dns-ios-clients" class="anchor">
 	<a href="#dns-ios-clients">
 		<i class="fas fa-link anchor-icon"></i>
 	</a> Encrypted DNS Client Recommendations for iOS
 </h1>
 {%
 	include cardv2.html
 	title="DNSCloak"
 	image="/assets/img/png/3rd-party/dnscloak.png"
 	description='An open-source iOS client supporting DNS-over-HTTPS, DNSCrypt, and <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki">dnscrypt-proxy</a> options such as caching DNS responses, locally logging DNS queries, and custom block lists. Users can <a href="https://blog.privacytools.io/adding-custom-dns-over-https-resolvers-to-dnscloak/">add custom resolvers by DNS stamp</a>.'
 	website="https://github.com/s-s/dnscloak/blob/master/README.md"
 	privacy-policy="https://drive.google.com/file/d/1050No_pU74CAWUS5-BwQWyO2x_aiMzWc/view"
 	forum="https://forum.privacytools.io/t/discussion-dnscloak/3566"
 	ios="https://apps.apple.com/app/id1452162351"
 	github="https://github.com/s-s/dnscloak"
 %}
 <h2 id="dns-definitions" class="anchor">
 	<a href="#dns-definitions">
 		<i class="fas fa-link anchor-icon"></i>
 	</a> Definitions
 </h2>
 <h4>DNS-over-TLS (DoT)</h4>
 <p>
  A security protocol for encrypted DNS on a dedicated port 853. Some providers support port 443 which generally works everywhere while port 853 is often blocked by restrictive firewalls.
 </p>
 <h4>DNS-over-HTTPS (DoH)</h4>
 <p>
  Similar to DoT, but uses HTTPS instead, being indistinguishable from "normal" HTTPS traffic on port 443 and more difficult to block. {% include badge.html color="warning" text="Warning" tooltip="DoH contains metadata such as user-agent (which may include system information) that is sent to the DNS server." link="https://tools.ietf.org/html/rfc8484#section-8.2" icon="fas fa-exclamation-triangle" %}
 </p>
 <h4>DNSCrypt</h4>
 <p>
  With an <a href="https://dnscrypt.info/protocol/">open specification</a>, DNSCrypt is an older, yet robust method for encrypting DNS.
 </p>
 <h4>Anonymized DNSCrypt</h4>
 <p>
  A <a href="https://github.com/DNSCrypt/dnscrypt-proxy/wiki/Anonymized-DNS">lightweight protocol</a> that hides the client IP address by using pre-configured relays to forward encrypted DNS data. This is a relatively new protocol created in 2019 currently only supported by <a href="#dns-desktop-clients">dnscrypt-proxy</a> and a limited number of <a href="https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/relays.md">relays</a>.
 </p>