SpywareBlaster 6.0 Windows 10 Home x64 Your options Cookie Protection and Script Protection for Edge will switch Edge into managed mode. Users cannot configure some settings in managed mode, like edge://settings/privacy for "Use secure DNS to specify how to lookup the network address for sites" (a ridiculous description for DNS over HTTPS). When users see Edge is in managed mode, they usually have no clue how it got that way. You need to be overt in describing those options, and that they set policies on Edge which will switch it into managed mode. When Cookie Protection for Edge is disabled, you delete all the data items under: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\CookiesBlockedForUrls but you leave the key itself defined which forces managed mode. There may be zero data items under the key, but that the key exists forces managed mode in Edge. When Cookie Protection is disabled, delete the Edge\CookiesBlockedForUrls registry key. Don't bother removing data items under it. Just delete the key, and all those data items also disappear. When Script Protection for Edge is disabled, you delete all the data items under: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\JavaScriptBlockedForUrls but you leave the key itself defined which forces managed mode. Zero data items under the key does NOT undefine the policy. The key by itself forces managed mode in Edge. When Script Protection is disabled, delete the Edge\JavaScriptBlockedForURLs registry key. Don't bother removing its data items. Just delete the key, and all those data items also disappear. You MUST remove the registry key to disable the policy! Do not leave the registry key, and only remove the data items for the key. Also, do not have options that define policies on Edge without telling users those options will set policies that force Edge into managed mode. Warn your users regarding the consequences of using your Cookie Protection and Script Protection options in SpywareBlaster. To find out why my Edge was managed (which blocked me from changing some settings), I went to edge://policy. There I noticed CookiesBlockedForURLs and JavaScriptBlockedForURLs were listed. I had to research these, and discover what are the policies for Edge. I had to guess SpywareBlaster was at fault, and do some testing to verify. Took me several hours to figure out why SpywareBlaster was NOT disabling those protections when the options were disabled. Your typical users won't dig that deep, or understand where to investigate. They only know Edge is in managed mode, THEY are the management, and don't know what caused Edge to go into managed mode. Just the presence of those keys will enforce those policies, even with no data items under them, and users won't know why disabling the options in SpywareBlaster does not get rid of those policies that force Edge into managed mode. Even if they suspect SpywareBlaster was at fault, they will disable those options, but Edge remains in managed mode, so they figure it wasn't SpywareBlaster's fault -- but it IS! Don't expect your users to have your expertise regarding the registry entries, and policies for Edge.
Browsers continue to evolve how they handle when policies are configured, and I suspect that will continue. It makes very little sense for a browser to enforce empty policies, but this is something we can implement a workaround for in a future release (albeit with appropriate handling for if the user or other programs have configured policies or added values - simply deleting the keys would obliterate other settings / customizations, which obviously is not desired). In regards to configuring DNS over HTTPs specifically: There is a "managed mode" policy that may provide the functionality you seek. Please see: https://chromeenterprise.google/policies/#DnsOverHttpsMode
In other chromium-based Browsers such as Brave or Edge, there is no such flag (anymore). It's a mess, really.