Category: autofill/ Target: Chrome on iOS (latest stable) Purpose: Combines Configurable Origin, Auto-trigger, and Shadow DOM vectors into a single test page to attempt a cross-origin autofill bypass by overriding `__gCrWeb` logic.
Reproduction Steps:
1. Select a target origin from the dropdown below.
2. Toggle Shadow DOM if desired.
3. Tap into the Username/Email field or hit "Trigger Autofill".
4. Observe if Chrome's native bottom sheet offers passwords for the spoofed origin.
Expected: Chrome only offers passwords for this site's real origin. Observed: (To be tested) If credentials for the spoofed origin appear, bypass is active.