I'm pretty sure the XSS Auditor is not present on iOS, due to Apple restrictions on that platform the preclude Google from using Blink.

XSS Auditor issues are tracked as functional issues rather than vulnerabilities; https://dev.chromium.org/Home/chromium-security/security-faq#TOC-Are-XSS-filter-bypasses-considered-security-bugs-

Hi Eugene, is this something we can fix in WKWebview?

Eric, do you know if XSSAuditor is a part of Blink or it's just a SafeBrowsing feature?

tsepez@ knows infinitely more about this than I do.

Chrome's XSSAuditor now lives in blink (third_party/WebKit/Source/core/html/parser/XSSAuditor.cpp), but I believe it existed in WebKit before the divorce and that Safari has a version of the feature as well (see e.g. https://bugs.webkit.org/show_bug.cgi?id=92692)

Searching around, I see references to "xssAuditorEnabled setting in Webcore" and "setXSSAuditorEnabled on WebPreferences" but I don't know whether these flags or similar exist in a useful way on the WKWebView object. I didn't see anything obvious in the configuration https://developer.apple.com/documentation/webkit/wkwebviewconfiguration

On iOS, Chrome integrates with the iOS frameworks at a higher level than where the XSSAuditor lives, so its currently not possible to do anything about this.

Removing Blink>SecurityFeature>XSSAuditor label and turning this into FeatureRequest There is always an option to contribute to WebKit (cc danyao@ for that). 

As noted in #4, I'm pretty sure this is still in WebKit, but the question is whether WKWebview exposes it for us to opt-into?

A quick websearch didn't show any documentation for this capability in WKWebView, and I'm not the person to add it. Re-assigning.

Marking as Available as I will not have time to work on this in the near future. Danyao  (CCed to this bug) can make a judgement whether this feature request is important or not.

Marking as external dependency since no one can make any progress on this unless things change in iOS.