These tests make sense if native UIWebView's window.open() is overridden and if cross-tab document.write is supported.
The first half of these tests is related to switching focus between windows - this may be connected with one of the spoofing attacks tested on the next page. The second half is quite similar to UXSS tests - but take a look at address bar vs content.
If window.focus() is overridden, it may be potentially used for switching focus during spoofing attacks, quite handy.
If focus switched to original window after alerting the test result, window.focus() worked. I assume the alert was shown over www.example.com, if not then this test did not work as intended.
window.open().close() is an alternative to window.focus() sometimes.
If focus switched to original window after 2 seconds, window.open().close() can be used to switch focus (and popup blocking does not work, too).
If two new windows were opened, it can. Also handy for hiding a window before we complete spoofing attack.
After your click, new window will be opened after 5 second delay. If it works, it seems there is no popup blocker in place.
This is a basic attempt at address bar spoofing against HTTP site.
This is a basic attempt at address bar spoofing against SSL site.
In this test case, the attempt is delayed 5 seconds. The result may be different depending on whether the target website was previously cached locally or not.
Please wait 5-6 seconds for the result.
The next page: tests for address bar spoofing in a single UIWebView.