diff --git a/browser/extensions/doh-rollout/heuristics.js b/browser/extensions/doh-rollout/heuristics.js
index 5d22ebf30e2c..a1cf3f894088 100644
--- a/browser/extensions/doh-rollout/heuristics.js
+++ b/browser/extensions/doh-rollout/heuristics.js
@@ -177,11 +177,11 @@ async function providerSteering() {
 }
 
 async function runHeuristics() {
-  let safeSearchChecks = await safeSearch();
+  // First run enterprise and OS-level parental controls heuristics.
   let results = {
-    google: safeSearchChecks.google,
-    youtube: safeSearchChecks.youtube,
-    zscalerCanary: await zscalerCanary(),
+    google: "",
+    youtube: "",
+    zscalerCanary: "",
     canary: await globalCanary(),
     modifiedRoots: await modifiedRoots(),
     browserParent: await browser.experiments.heuristics.checkParentalControls(),
@@ -195,7 +195,17 @@ async function runHeuristics() {
     return results;
   }
 
-  // Check for provider steering only after the other heuristics have passed.
+  // Check for provider steering, return results immediately if triggered.
   results.steeredProvider = (await providerSteering()) || "";
+  if (results.steeredProvider) {
+    return results;
+  }
+
+  // Finally, run safe search checks and zscaler canary.
+  let safeSearchChecks = await safeSearch();
+  results.google = safeSearchChecks.google;
+  results.youtube = safeSearchChecks.youtube;
+  results.zscalerCanary = await zscalerCanary();
+
   return results;
 }
diff --git a/browser/extensions/doh-rollout/test/browser/browser_providerSteering.js b/browser/extensions/doh-rollout/test/browser/browser_providerSteering.js
index 010608c02ae2..772b5959bb79 100644
--- a/browser/extensions/doh-rollout/test/browser/browser_providerSteering.js
+++ b/browser/extensions/doh-rollout/test/browser/browser_providerSteering.js
@@ -1,7 +1,6 @@
 "use strict";
 
 const TEST_DOMAIN = "doh.test";
-const AUTO_TRR_URI = "https://dummytrr.com/query";
 
 add_task(setup);
 
@@ -30,67 +29,48 @@ add_task(async function testProviderSteering() {
     JSON.stringify(providerTestcases)
   );
 
-  let testNetChangeResult = async (
-    expectedURI,
-    heuristicsDecision,
-    providerName
-  ) => {
+  for (let { name, canonicalName, uri } of providerTestcases) {
+    gDNSOverride.addIPOverride(TEST_DOMAIN, "9.9.9.9");
+    gDNSOverride.setCnameOverride(TEST_DOMAIN, canonicalName);
     let trrURIChanged = TestUtils.topicObserved(
       "network:trr-uri-changed",
       () => {
         // We need this check because this topic is observed once immediately
         // after the network change when the URI is reset, and then when the
         // provider steering heuristic runs and sets it to our uri.
-        return gDNSService.currentTrrURI == expectedURI;
+        return gDNSService.currentTrrURI == uri;
       }
     );
     simulateNetworkChange();
     await trrURIChanged;
-    is(gDNSService.currentTrrURI, expectedURI, `TRR URI set to ${expectedURI}`);
-    await checkHeuristicsTelemetry(
-      heuristicsDecision,
-      "netchange",
-      providerName
-    );
-  };
-
-  for (let { name, canonicalName, uri } of providerTestcases) {
-    gDNSOverride.addIPOverride(TEST_DOMAIN, "9.9.9.9");
-    gDNSOverride.setCnameOverride(TEST_DOMAIN, canonicalName);
-    await testNetChangeResult(uri, "enable_doh", name);
+    is(gDNSService.currentTrrURI, uri, "TRR URI set to provider endpoint");
+    await checkHeuristicsTelemetry("enable_doh", "netchange", name);
     gDNSOverride.clearHostOverride(TEST_DOMAIN);
   }
 
-  await testNetChangeResult(AUTO_TRR_URI, "enable_doh");
-
-  // Just use the first provider for the remaining checks.
-  let provider = providerTestcases[0];
-  gDNSOverride.addIPOverride(TEST_DOMAIN, "9.9.9.9");
-  gDNSOverride.setCnameOverride(TEST_DOMAIN, provider.canonicalName);
-  await testNetChangeResult(provider.uri, "enable_doh", provider.name);
+  let trrURIChanged = TestUtils.topicObserved("network:trr-uri-changed");
+  simulateNetworkChange();
+  await trrURIChanged;
+  is(
+    gDNSService.currentTrrURI,
+    "https://dummytrr.com/query",
+    "TRR URI set to auto-selected"
+  );
+  await checkHeuristicsTelemetry("enable_doh", "netchange");
 
   // Set enterprise roots enabled and ensure provider steering is disabled.
   Preferences.set("security.enterprise_roots.enabled", true);
-  await testNetChangeResult(AUTO_TRR_URI, "disable_doh");
+  gDNSOverride.setCnameOverride(
+    TEST_DOMAIN,
+    providerTestcases[0].canonicalName
+  );
+  simulateNetworkChange();
+  await checkHeuristicsTelemetry("disable_doh", "netchange");
+  is(
+    gDNSService.currentTrrURI,
+    "https://dummytrr.com/query",
+    "TRR URI set to auto-selected"
+  );
   Preferences.reset("security.enterprise_roots.enabled");
-
-  // Check that provider steering is enabled again after we reset above.
-  await testNetChangeResult(provider.uri, "enable_doh", provider.name);
-
-  // Trigger safesearch heuristics and ensure provider steering is disabled.
-  let googleDomain = "google.com";
-  let googleIP = "1.1.1.1";
-  let googleSafeSearchIP = "1.1.1.2";
-  gDNSOverride.clearHostOverride(googleDomain);
-  gDNSOverride.addIPOverride(googleDomain, googleSafeSearchIP);
-  await testNetChangeResult(AUTO_TRR_URI, "disable_doh");
-  gDNSOverride.clearHostOverride(googleDomain);
-  gDNSOverride.addIPOverride(googleDomain, googleIP);
-
-  // Check that provider steering is enabled again after we reset above.
-  await testNetChangeResult(provider.uri, "enable_doh", provider.name);
-
-  // Finally, provider steering should be disabled once we clear the override.
   gDNSOverride.clearHostOverride(TEST_DOMAIN);
-  await testNetChangeResult(AUTO_TRR_URI, "enable_doh");
 });