Nice research, but I can only guess that this was fixed ten minutes after the report was published?

I don't see the point - ASCII vs. binary doesn't make any real difference. And there's no an actual unencrypted HTTP/2 traffic, so there's no incentive to censor.

The obvious follow-up is to then put a (possibly obfuscated) TLS connection in the request and response bodies, creating another tunneling method.

Ok, I’ll ask the stupid question:

Why not use _Encrypted_ HTTP/2 traffic? The article goes on and on about HTTP 1.1 and unencrypted HTTP 2.0 but never once mentioned encrypted HTTP 2.0 which I would assume shares the exact same binary/“hard to block” characteristics of unencrypted HTTP 2.0.

I can only assume that everyone knows why that’s already blocked in China, but I don’t

Maybe they monitor rather than censor unencrypted traffic? That could be more of a problem for those in authoritarian countries.