Google is currently testing DNS over HTTPS or Secure DNS for Chrome on Android. A flag is in place and the UI is getting ready. A code change request that we spotted today, however, talks about disabling this feature for managed Android devices.
Secure DNS on Android
An experimental Chrome flag is currently available in the Canary version of Chrome to test secure DNS.
This feature is still a work-in-progress. However, while it is getting ready, the team is adding options to disable it for managed Android devices.
The code change request says:
“Disable dns-over-https when an Android device or profile is owned
Call into EnterpriseInfo info to check if the device or profile is owned. The check may be performed asynchronously and could take some time. While this check is in progress we’ll assume a “not owned” state which will allow for any existing dns-over-https preferences to be honored. Testing: Hand tested by installing a device ownership app onto an emulator and checking Net.DNS.DnsConfig.SecureDnsMode to see if the value is as expected.”
The bug associated with this change as well makes this clear:
“Disable DoH on managed Android devices and profiles”
If your device is a managed Android device, or if you have a managed profile on a personal device, Secure DNS can be disabled on Chrome.
It is unclear if there will be an option for admins to enable or disable this from their control panel.