HTML Injection on ReaderMode Page (needs to be in WKContentWorld)

[garvankeeley]

Moved from https://bugzilla.mozilla.org/show_bug.cgi?id=1633140

See the original bug for full repro steps. Because reader mode is in the JS context of the page, any JS build-in functions can be overriden to mess with the reader mode JS. This is a known limitation of JS injection with WKWebView, and is not considered a sec issue in this case.

The iOS 14 WKContentWorld should resolve this.

┆Issue is synchronized with this Jira Task

[diracdeltas]

@garvankeeley this is how Brave is proposing to fix this: https://github.com/brave/brave-ios/pull/4209/files

[github-actions[bot]]

This issue has been automatically marked as stale. Has the issue been fixed, or does it still require the community's attention? Please leave any comment to keep this issue opened. It will be closed automatically if no further update occurs in the next 30 days. Thank you for your contributions!