Lockdown Mode restrictions on APIs and web technologies are not documented
I have an issue with Lockdown Mode in which an app does not work properly when lockdown mode is enabled, even when the app is added as an exception. The error is easily reproducible.
I opened the case to Apple and their answer was, "[...] For security reasons, we can't get into the details of these technologies."
I also opened the case with Apple Developer Support, and their answer was similar: "[...] We are not equipped to provide the type of information you are seeking."
So, basically, if a user has Lockdown Mode and and the app does not work properly, the developers have no way to troubleshoot the issue or to have programming habits that avoid issues in the first place. Well, with enough patience, they could perform a test by calling all the javascript/web functions that are available, and see which ones fail, or otherwise troubleshoot by try-and-error. And once that test is done, then Apple's security-through-obscurity is broken. Maybe there are researchers working on that, already.
I guess that Apple's claim is that this security-through-obscurity benefits the security side in making attacks more difficult, but this in turn puts pressure on users to disable the Lockdown Mode because of functional issues, which in reality makes the iPhone less secure.
In any case, if anyone has information about what APIs/functions are not available or have an altered behavior in Lockdown Mode, that would be cool.
[Edited by Moderator]