This test case checks if native UIWebView window.open() is overridden.
If "NO", the rest of the window.open() tests can probably be safely skipped.
This script also shows other functions/objects loaded into the window object with stringByEvaluatingJavaScriptFromString. They either override native JavaScript functions to bridge them with Objective-C code, or implement browser functions such as a password manager, autocomplete or a context menu.
Test case: Origin of a child window (about:blank)
This test case calls window.open("about:blank") and writes the opened window's document.location into that window. Please ignore the address bar for this test.
If a new window is not opened, the window.open() function does not seem to work.
If a new window is opened, but its location is not written, it seems cross-window document.write is not implemented. Alternatively, you may try the next test case below.
If the written location shows an applewebdata: URL, you just found a Universal Cross-Site Scripting vulnerability.
If a new window is opened and the written location starts with https://ios.browsr-tests.com/alt/, document.write passes the origin of the caller to the child window. This may potentially lead to UXSS with cross-frame forgery or other vectors. Have fun while testing!
If the location shows about:blank, it seems safe so far.
An applewebdata: URL is shown when loadHTMLString is called with baseURL=nil/NULL (see also CVE-2012-2899).
Test case: Origin of a child window (same location)
This test case calls window.open(document.location.href) and writes the opened window's document.location into that window. Please ignore the address bar for this test.
If a new window is not opened, the window.open() function does not work.
If a new window is opened, but its location is not written, it seems cross-window document.write is not implemented.
If a new window is opened and the written location starts with https://ios.browsr-tests.com/alt/, document.write allows cross-window writing to the origin of the caller. This may potentially lead to UXSS with cross-frame forgery.
If the location shows about:blank, it should be safe.
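The decision list shared by the two child-window test cases above can be expressed as one function. This is an added example, not code from the test page: the names classifyChildWindow and runChildWindowTest, the verdict strings, and the way the harness writes into the child window are assumptions.

```javascript
// Added example: verdict logic for the two child-window origin test cases.
// classifyChildWindow and runChildWindowTest are hypothetical names.
const CALLER_PREFIX = "https://ios.browsr-tests.com/alt/"; // prefix named on the page

// opened:  whether window.open() returned a window
// written: location string found in the child, or null if nothing was written
function classifyChildWindow(opened, written, callerPrefix = CALLER_PREFIX) {
  if (!opened) return "WINDOW_OPEN_NOT_WORKING";
  if (written === null || written === undefined || String(written).trim() === "") {
    return "CROSS_WINDOW_WRITE_NOT_IMPLEMENTED";
  }
  const loc = String(written).trim().toLowerCase();
  // URL schemes are case-insensitive, so compare in lower case.
  if (loc.startsWith("applewebdata:")) return "UXSS_APPLEWEBDATA_ORIGIN";
  if (loc.startsWith(callerPrefix.toLowerCase())) return "CALLER_ORIGIN_IN_CHILD";
  if (loc === "about:blank") return "ABOUT_BLANK";
  return "UNEXPECTED_LOCATION"; // not covered by the page; inspect manually
}

// Browser-side harness (assumed shape of the test; not run under Node).
// url is "about:blank" for the first test case and document.location.href
// for the second.
function runChildWindowTest(url) {
  const child = window.open(url);
  if (!child) return classifyChildWindow(false, null);
  let written = null;
  try {
    // The inline script runs inside the child and records the child's own location.
    child.document.write(
      '<p id="loc"></p><script>' +
      'document.getElementById("loc").textContent = String(document.location);' +
      "<\/script>"
    );
    child.document.close();
    const node = child.document.getElementById("loc");
    written = node ? node.textContent : null;
  } catch (e) {
    written = null; // access to the child document was refused
  }
  return classifyChildWindow(true, written);
}
```

A developer embedding UIWebView can run the harness in a regression test and fail the build on any verdict other than ABOUT_BLANK.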