That's insufficient. There's nothing stopping a web site (or ad on a website) from forming its own DoH request that bypasses the browser and the port. It can be done entirely within the HTTPS stream.
>>JohnFe+(OP)
If you're monitoring the HTTPS stream, you'll see it. The point of the proxy is exactly to inspect the content of HTTPS requests (that's why you need to install your own certificate).