I guess you can run your local DNS server and point the browser to that. The local DNS server can do all the filtering you want, and forward the filtered out requests to the outside DNS server.
the doomsday scenario the top-level comment mentioned is if they disabled that option. it's possible but very unlikely because it would make that browser unusable for many corporate networks.