feat: Cover with E2E tests a scenario when user opens phishing websites or websites that load these phishing websites via iFrame

[Tyschenko]

E2E tests for the changes #16706

Description

Issue: https://github.com/MetaMask/mobile-planning/issues/2227

We currently have an anti-fishing warning which is displayed when user opens a malicious website.
But there is a way to bypass this warning if you load a malicious website via iFrame.

Example of the malicious website: https://coin-qr.to/
Example of the website with a malicious iFrame: https://lol-au4.pages.dev/cb (opens coin-qr.to inside in the iFrame)
We can inject a JS script in the mobile browser that will check webpage's iFrames and report their URLs to the browser in MetaMask mobile app.Issue: https://github.com/MetaMask/mobile-planning/issues/2227

We currently have an anti-fishing warning which is displayed when user opens a malicious website.
But there is a way to bypass this warning if you load a malicious website via iFrame.

Example of the malicious website: https://coin-qr.to/
Example of the website with a malicious iFrame: https://lol-au4.pages.dev/cb (opens coin-qr.to inside in the iFrame)
We can inject a JS script in the mobile browser that will check webpage's iFrames and report their URLs to the browser in MetaMask mobile app.

Pre-merge author checklist

• I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[github-actions]

Bitrise

❌❌❌ pr_smoke_e2e_pipeline failed on Bitrise! ❌❌❌

Commit hash: f46d98ad89455b204be48037a75114aa39e7d0d5
Build link: https://app.bitrise.io/app/be69d4368ee7e86d/pipelines/d37e8b53-977a-41c0-bafc-202e4b1bf25d

Note

• You can kick off another pr_smoke_e2e_pipeline on Bitrise by removing and re-applying the Run Smoke E2E label on the pull request

Tip

• Check the documentation if you have any doubts on how to understand the failure on bitrise

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud