Whenever Salesforce patches make their way into pre-release orgs our daily test runs kick off and identify the change. These tests run on 15+ org setups and report back any issues that might have been observed. One such observation was reported back during the early days of Summer ‘17 patch rollouts into pre-release. The issue manifested itself initially as the inability to complete the authentication flow on iOS devices built with Salesforce Mobile SDK v4.0.2 and lower.
During the investigations into the issue, we raised a notification on our trust site to keep our partners and customers aware of the risk of the behaviour. We also developed some internal work-arounds. If the issue wasn’t fixed prior to Summer ‘17 making it’s way into our partners’ sandboxes, these would let us unblock them from their development and testing processes.
We also discovered that the bug broke the vanilla experience of browsing standard Visualforce pages on iOS Safari; this could be bad if it got through into production.