It fails on other browsers as well (e.g. Firefox on Linux) and someone has discovered[1] that it may well be a Netlify bug (sending more data than it's supposed to). I agree with your point that that Apple could do better but in this case it does seem that Apple's browser is doing the right thing and ignoring invalid data provided by Netlify (which is the same behaviour as Firefox at the very least). In any case going direct[2] to GitHub should work fine--that link works for me in Firefox on Linux (whereas the Netlify one does not).
Android is used more here in India. Personally I haven't even touched an Apple device till date because it's just hard to find except in Apple store or if you have very rich friends. So I had no idea.
There might be good reasons to do it from Apple’s point of view.
For example, if Apple allowed third-party browser engines, any vendor could offer a browser with a vulnerability. That browser could be abused to install apps through that vulnerability, including malicious ones.
I’m not implying that it’s ok for Apple to act like that. My point is that it’s consistent with their security model for iOS.
The real reason is that they want you to get your apps from the app store and that's it. They can't get paid when people install PWAs or sideload open source apps. Same reason for killing the headphone jack. Same reason for having a different shape magsafe for every generation of MacBook. To keep the suckers spending.
