DNS Search Key Leaks in Firefox and Chrome

Firefox and Chrome have been found to process search queries typed in the address bar in a way that leads to information leakage through the provider's DNS server. The essence of the problem is that if the search query consists of only one word, the browser first tries to determine whether a host with that name exists in DNS, assuming that the user is trying to open a subdomain, and only then redirects the request to the search engine. Thus, the owner of the DNS server specified in the user's settings receives information about single-word search queries, which is considered a violation of confidentiality.

The problem manifests itself both when using the provider's DNS server and when using DNS over HTTPS (DoH) services, if a DNS suffix is specified in the settings (it is set by default when receiving parameters via DHCP). The main problem is that even when DoH is enabled, requests continue to be sent through the provider's DNS server specified in the system.
Importantly, a resolution attempt is made only for search queries consisting of one word. If multiple words are entered, DNS is not queried.

The issue has been confirmed in Firefox and Chrome, and may also affect other browsers. The Firefox developers have acknowledged the problem and intend to provide a solution in the release of Firefox 79. In particular, to control the behavior when processing search requests, the setting 'browser.urlbar.dnsResolveSingleWordsAfterSearch' has been added to about:config: '0' disables resolving, '1' (the default) uses a heuristic for selective resolution, and '2' retains the old behavior. The heuristic checks that DoH is enabled, that there is only a 'localhost' entry in /etc/hosts, and that there is no subdomain for the current host.
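
To confirm on your own network whether single-word address-bar entries reach the resolver (for example before and after changing the setting), the resolver's query log can be checked for bare labels, or labels with the DNS suffix appended, that ended in NXDOMAIN. This is an added example, not code from the original article; it assumes dnsmasq `log-queries` line formats, and the suffix `corp.example`, the addresses and the looked-up words are constructed.

```python
import re

# Assumed dnsmasq "log-queries" line shapes; adjust the patterns for other resolvers.
QUERY_RE = re.compile(r"query\[(?:A|AAAA)\] (\S+) from (\S+)")
REPLY_RE = re.compile(r"reply (\S+) is (\S+)")

# Constructed sample log; corp.example stands in for the DHCP-supplied DNS suffix.
SAMPLE_LOG = """\
Jul  1 10:00:01 dnsmasq[411]: query[A] www.example.org from 192.0.2.10
Jul  1 10:00:01 dnsmasq[411]: reply www.example.org is 198.51.100.7
Jul  1 10:00:05 dnsmasq[411]: query[A] holidays.corp.example from 192.0.2.10
Jul  1 10:00:05 dnsmasq[411]: reply holidays.corp.example is NXDOMAIN
Jul  1 10:00:09 dnsmasq[411]: query[A] intranet.corp.example from 192.0.2.11
Jul  1 10:00:09 dnsmasq[411]: reply intranet.corp.example is 192.0.2.50
Jul  1 10:00:12 dnsmasq[411]: query[A] mortgage from 192.0.2.11
Jul  1 10:00:12 dnsmasq[411]: reply mortgage is NXDOMAIN
"""


def single_label(name, suffixes):
    """Return the leading label if name is a bare label or label + search suffix."""
    name = name.rstrip(".").lower()
    for suffix in suffixes:
        tail = "." + suffix.lower().strip(".")
        if name.endswith(tail):
            name = name[: -len(tail)]
            break
    return name if name and "." not in name else None


def find_single_word_lookups(log_text, suffixes):
    """List (client, word) pairs for single-label lookups answered with NXDOMAIN."""
    pending = {}  # queried name -> (client, word), until its reply is seen
    hits = []
    for line in log_text.splitlines():
        query = QUERY_RE.search(line)
        if query:
            word = single_label(query.group(1), suffixes)
            if word:
                pending[query.group(1)] = (query.group(2), word)
            continue
        reply = REPLY_RE.search(line)
        if reply:
            entry = pending.pop(reply.group(1), None)
            # Real hosts such as intranet.corp.example resolve and are skipped.
            if entry and reply.group(2) == "NXDOMAIN":
                hits.append(entry)
    return hits


if __name__ == "__main__":
    for client, word in find_single_word_lookups(SAMPLE_LOG, ["corp.example"]):
        print(f"{client} looked up single word: {word}")
```
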

The Chrome developers have promised to limit DNS leaks, but a report about a similar problem has remained unresolved since 2015. The problem does not appear in Tor Browser.

Source: opennet.ru