China Blocking ESNI Connections

11 Aug 2020, 8:04 p.m.
TLS 1.3 (the latest version of the protocol used for “HTTPS” connections) adds a feature called “Encrypted Server Name Indication” (ESNI). This removes a loophole where the initial exchange, in which the browser indicates to the server which (of possibly many) virtual host names it is trying to connect to, is sent unencrypted. Reports <https://www.theregister.com/2020/08/11/china_blocking_tls_1_3_esni/> are saying that the Great Firewall of China is trying to block all such connection attempts, just in case any of them happen to be to “banned” sites. However, it is (currently) possible to manipulate the packet stream in such a way as to fool this filtering, so the connection can go through.
Lawrence D'Oliveiro
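
As an added example (not part of the original post): a minimal Python parser showing what a passive on-path observer can read from a ClientHello, classifying it as carrying a plaintext server_name extension, the ESNI draft's encrypted_server_name extension (type 0xffce), or neither. The function names and sample handshakes are constructed for illustration, and the ESNI payload used in testing is placeholder bytes, not a valid ESNI structure.

```python
import struct
EXT_SERVER_NAME = 0x0000            # plaintext SNI (RFC 6066)
EXT_ENCRYPTED_SERVER_NAME = 0xFFCE  # ESNI code point in draft-ietf-tls-esni

def client_hello_extensions(record: bytes) -> dict:
    """Map extension type -> body for one TLS record holding a ClientHello."""
    if len(record) < 5 or record[0] != 0x16:      # 0x16 = handshake record
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + int.from_bytes(record[3:5], "big")]
    if len(hs) < 4 or hs[0] != 0x01:              # 0x01 = ClientHello
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    try:
        pos = 2 + 32                               # legacy_version + random
        pos += 1 + body[pos]                       # session_id
        pos += 2 + int.from_bytes(body[pos:pos + 2], "big")  # cipher_suites
        pos += 1 + body[pos]                       # compression_methods
    except IndexError:
        raise ValueError("truncated ClientHello") from None
    end = min(len(body), pos + 2 + int.from_bytes(body[pos:pos + 2], "big"))
    pos, exts = pos + 2, {}
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        exts[etype] = body[pos + 4:pos + 4 + elen]
        pos += 4 + elen
    return exts

def sni_visibility(record: bytes) -> tuple:
    """Report what a passive observer learns about the requested host name."""
    exts = client_hello_extensions(record)
    if EXT_ENCRYPTED_SERVER_NAME in exts:
        return ("encrypted", None)                 # name hidden, extension visible
    sn = exts.get(EXT_SERVER_NAME)
    if sn is None:
        return ("absent", None)
    # server_name_list: u16 list length, u8 name_type, u16 name length, name
    n = int.from_bytes(sn[3:5], "big")
    return ("plaintext", sn[5:5 + n].decode("ascii", "replace"))

def sni_body(host: str) -> bytes:                  # constructed sample input
    entry = b"\x00" + struct.pack("!H", len(host.encode())) + host.encode()
    return struct.pack("!H", len(entry)) + entry

def build_hello(extensions) -> bytes:              # constructed sample input
    ext = b"".join(struct.pack("!HH", t, len(b)) + b for t, b in extensions)
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

Even in the "encrypted" case the extension type itself stays readable, so the presence of ESNI can be recognised without learning the host name.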