All Products
Search

This Product

    HTTPDNS:Use DoH in a browser

    Document Center

    HTTPDNS:Use DoH in a browser

    Last Updated:Oct 23, 2025

    This document describes how to configure and use DNS over HTTPS (DoH) endpoints in popular browsers, such as Chrome, Firefox, and Edge, and provides solutions for common issues.

    Introduction

    In web applications, DNS resolution requests are handled by the underlying runtime environment, such as WebView, a CEF frame, or a browser. These requests are transparent to the web layer. Although JavaScript can retrieve IP addresses using HTTPDNS, web standards prevent direct IP connections that use custom Host headers.

    For embedded web containers, such as WebView, CEF, and Electron, you can bypass the local DNS in several ways. However, in third-party browser environments, you must manually configure DoH to resolve issues such as local DNS hijacking and pollution.

    This document describes how to configure and use DoH endpoints in a browser.

    Prerequisites

    Before you access DoH through a browser, ensure that you have completed the steps in Configure the DoH service.

    Configure a DoH endpoint in Chrome

    The following steps use Chrome version 131.0.6778.265 as an example.

    1. Open Chrome. Go to Preferences > Privacy and security > Security. You can also enter chrome://settings/security in the address bar.

    2. In the Advanced section, configure the DoH endpoint.

      1. Turn on Use secure DNS.

      2. Select the option to use a custom DNS provider.

      3. In the text box, enter the DoH endpoint.

      chrome-doh-cn

    3. Enter a URL in the address bar to verify the configuration.

      • If the domain name in the URL is on the list of accessible domain names and the browser can access the page, the verification is successful.

      • If the domain name is not on the list of accessible domain names or is on the blacklist, the browser cannot access the page. This also confirms that the DoH configuration is in effect.

      Important

      Ensure that Chrome's DoH probe domain, google.com, is resolvable.

    Configure a DoH endpoint in Firefox

    The following steps use version 132.0.2 to show how to configure the DoH endpoint:

    1. Open Firefox. Go to Preferences > Privacy & Security. You can also enter about:preferences#privacy in the address bar.

    2. In the DNS over HTTPS section, configure DoH.

      image

    3. Select Max Protection. From the drop-down menu, select Custom, and then enter the DoH endpoint.

    4. Enter a URL in the address bar to verify the configuration.

      • If the domain name in the URL is on the list of accessible domain names and the browser can access the page, the verification is successful.

      • If the domain name is not on the list of accessible domain names or is on the blacklist, the browser cannot access the page. This also confirms that the DoH configuration is in effect.

    5. After the verification is successful, Firefox displays the result in the DNS over HTTPS section.

    image

    Configure a DoH endpoint in Edge

    The following steps use Edge version 132.0.2957.140 as an example.

    1. Add the probe domain name google.com to the list of accessible domain names in the console. If you have already enabled resolution for all domain names, you can skip this step.

    2. Open Edge. Go to Preferences > Privacy, search, and services. You can also enter edge://settings/privacy in the address bar.

    3. In the Security section, configure the DoH endpoint.

      1. Turn on Use secure DNS to specify how to look up the network address for websites.

      2. Select Choose a service provider.

      3. In the text box below, enter the DoH endpoint.

    image

    1. Enter a URL in the address bar to verify the configuration.

      • If the domain name in the URL is on the list of accessible domain names and the browser can access the page, the verification is successful.

      • If the domain name is not on the list of accessible domain names or is on the blacklist, the browser cannot access the page. This also confirms that the DoH configuration is in effect.

    Important

    Ensure that Edge's DoH probe domain, google.com, is resolvable. Add it to the list of accessible domain names or allow resolution for all domain names.

    FAQ about using the DoH service in a browser

    Webpage fails to open

    • Symptom

      20250310153816

    • Causes and solutions

      Cause

      Solution

      The DoH service is not enabled.

      Enable the DoH service. For more information, see Configure the DoH service.

      An incorrect DoH endpoint address is used.

      Obtain the correct DoH endpoint address. For more information, see Configure the DoH service.

      The primary site domain name is not configured in the list of accessible domain names.

      Solution 1: Add the primary site domain name to the list of accessible domain names. For more information, see Accessible domain names.

      Solution 2: Enable the option to resolve all domain names. Use this option with caution.

    Some elements on the webpage fail to render

    • Symptom

      image

    • Causes and solutions

      Cause

      Solution

      Related domain names are not configured in the list of accessible domain names.

      Solution 1: Add the related domain names to the list of accessible domain names. For more information, see Domain name management.

      Note

      A website often needs to access multiple domain names to render completely. Add all these domain names to the list.

      Solution 2: Set the option for resolving all domain names to "Yes". Evaluate this option carefully.